Apply on Employer Site

SECJUR · 1 month ago

Privacy & Information Security Expert (m/w/d)

United States

Full-time

Remote

Mid, Senior Level

3+ years exp

SECJUR is a rapidly growing legal tech company that has been changing the compliance market significantly since its founding in 2018. They are seeking a Privacy & Information Security Expert to support customers in the DACH region with data protection and information security, while continuously improving their digital compliance solution.

Artificial Intelligence (AI)ComplianceCyber SecurityInformation TechnologySoftware

No H1B

Responsibilities

Providing expert support to our customers in all matters related to Data protection (in particular under GDPR/BDSG and TDDDG), and Information security

Advising our customers on the setup, operation and continuous improvement of Information Security Management Systems (ISMS), especially according to ISO/IEC 27001, TISAX, NIS2

Supporting customers on their path to certification (e.g. ISO 27001, TISAX) or in designing their processes and systems in a GDPR-compliant way

Conducting audits / assessments of the current status of their information security and data protection compliance (gap analyses, maturity assessments, recommendations for measures) – mostly remote, and in exceptional cases on-site

Supporting our customers in using our platform, the Digital Compliance Office (DCO) – including showing how data protection and InfoSec requirements can be implemented as automated and efficient as possible within the DCO

Actively shaping our information security and data protection modules in the DCO (e.g. new content, templates, workflows, automations) with your subject-matter expertise

Working closely with our Experts, Customer Success and Product teams to provide holistic support to customers, feed project insights back into the product, and build best practices for digital compliance

Taking on responsibilities as an external Data Protection Officer or Information Security Officer for selected customers

Qualification

ISO 27001TISAXGDPRInformation SecurityData ProtectionISMSDSMSCISMCISAConfluenceHubSpotJiraGerman (C1)EnglishCommunication SkillsOrganizational SkillsTeamwork

Required

A completed degree with a technical, legal or business background – or a comparable qualification gained through relevant professional experience

Several years of experience in data protection (ideally focused on GDPR) and/or information security, e.g. in consulting, audit or in-house roles

Experience in implementing and further developing management systems, ideally ISMS (ISO 27001, TISAX) and/or DSMS

Experience providing targeted expert support to customers, ideally in a SaaS, consulting or audit context

Very good knowledge of GDPR and relevant information security standards

Excellent German skills (at least C1) in speaking and writing, as well as good English skills

High IT affinity and very good MS Office skills

You work efficiently, independently and in a structured way and can integrate well into existing processes and tools without losing your entrepreneurial mindset

Strong communication and organizational skills as well as a genuine team spirit

Preferred

Relevant certifications (e.g. ISO/IEC 27001 Lead Implementer / Lead Auditor, TISAX, CISM, CISA, Data Protection Officer, etc.) are a plus, but not a must

A basic understanding of other regulations (e.g. NIS2, DORA, TISAX) is an advantage

Ideally you have already worked with Confluence, HubSpot and/or Jira