Job Drop BerlinYOUR WAY INTO BERLIN TECH
POST A JOBSAVED JOBSMEET A STARTUPREADSUBSCRIBE
NewsletterLinkedIn
AboutTermsImpressumPrivacy

GRC Manager

EEnpal
Seniority
Midweight
Model
In-Office
Sector
Climate tech
Salary
Undisclosed
Contract
Full-Time

About the role

The GRC / ISMS Manager is responsible for the development, operational management and continuous improvement of the company's governance, risk and compliance framework as well as the Information Security Management System (ISMS). This is an individual contributor manager role without disciplinary people management responsibility and with direct reporting to the CISO.

What you'll do

  • Develop, maintain and continuously improve the ISMS, including policies, standards, procedures and control frameworks.
  • Coordinate security governance activities and ensure alignment with internal requirements, regulatory obligations and business priorities.
  • Perform and facilitate information security risk assessments, control reviews and remediation tracking.
  • Prepare, coordinate and support internal and external audits, certifications and compliance reviews.
  • Maintain risk registers, control documentation, evidence repositories and management reporting materials.
  • Partner with stakeholders across Technology, Product, Legal, Compliance, Data Protection, Operations and other business areas to implement security and compliance requirements.
  • Support third-party risk management activities, including assessment coordination, documentation review and follow-up actions.
  • Develop reporting for senior management and the CISO, including KPIs, KRIs, control status and risk exposure updates.

What you'll need

  • Several years of professional experience in GRC, ISMS, Information Security, IT Risk, Audit or Compliance.
  • Strong working knowledge of common frameworks and standards such as ISO 27001, NIST, SOC 2 or comparable control frameworks.
  • Proven experience in policy development, risk management, audit preparation and evidence-based compliance work.
  • Ability to work effectively in cross-functional, fast-paced and evolving business environments.
  • Strong analytical, organizational and stakeholder management skills.
  • Excellent written and verbal communication skills in English; German is a strong advantage.

Nice to have

  • Structured and detail-oriented, while able to balance governance quality with business pragmatism.
  • Confident working with both technical and non-technical stakeholders.
  • Comfortable taking ownership in a fast-scaling environment with short decision paths and high visibility.

What they offer

  • Hybrid working with Workflex option to relocate abroad for up to 30 days a year.
  • Modern office in Berlin-Friedrichshain with height-adjustable desks, table tennis, and barista coffee.
  • 29 + 2 vacation days and discounted Wellhub membership.
  • Onboarding support with buddy program and team mentorship.
  • Open feedback culture and short decision-making processes.
APPLY →