Principal Security Consultant - Defense Sector (m/f/d)

Posted 13 hours 7 minutes ago by Xcede Recruitment Solutions

60 000,00 € - 80 000,00 € Annual
Permanent
Full Time
Other
Not Specified, Germany
Job Description
Your responsibilities
  • Develop, review and audit IT/OT security concepts aligned with IT-Grundschutz and ISO/IEC 27001
  • Translate regulatory requirements and accreditation criteria into implementable security controls for OT, embedded and mobile systems
  • Work hands-on with specialists to configure and validate security on technical platforms such as vehicles, mobile machinery, control systems and other embedded environments
  • Support and perform risk assessments and threat modelling and map results to standards and practical mitigations
  • Prepare technical findings and present them to expert and non-technical stakeholders in defense and critical settings
What we're looking for
  • Degree in computer science, IT security, engineering or comparable qualification
  • Several years' experience in information security with demonstrable exposure to both consulting and hands-on implementation work
  • Solid knowledge of BSI IT-Grundschutz and ISO/IEC 27001 and a working understanding of GDPR, NIS2 and the IT Security Act 2.0
  • Technical competence in network security, cryptography, identity & access management, and OT/embedded system constraints
  • Experience or interest in mobile/vehicle or industrial control environments (automotive/industrial backgrounds welcome)
  • Strong communication and consulting skills; confident when engaging government or regulated clients
  • Willingness to travel across Germany and be on-site c. 2-3 days per week
Desirable (training possible)
  • Certifications such as IT-Grundschutz Consultant (BSI), ISO/IEC 27001 Lead Implementer/Auditor, CISSP, CISM, CISA or IEC 62443 foundations
  • Experience with accreditation / classified material handling (VS NfD / VSA) and security check processes for defence suppliers
  • Familiarity with cloud security standards (BSI C5, Gaia-X), SOC/SIEM or incident response