Security Consultant

Cyber Security Manager (GRC) (m/f/d) | Publishing Sector | Munich / Remote | 3–6 Month Contract

Our client is a leading organization in the publishing sector seeking a Cyber Security Manager (GRC) to support and stabilize their security program with a strong focus on Trust & Assurance, third-party risk management, and client-facing security processes during a critical growth phase.

Project Details:

Duration: 3–6 months (interim support, potential extension)

Workload: 5 days per week (full-time)

Location: Munich (initial onboarding onsite) | Fully Remote possible thereafter

Start: ASAP (target mid-May)

Responsibilities:

• Act as Security Officer / ISMS representative, supporting governance, risk, and compliance activities.
• Take ownership of Trust & Assurance topics, including security questionnaires, trust center content, and evidence management.
• Manage and respond to complex client security questionnaires (up to several hundred questions), ensuring accuracy and consistency.
• Build, maintain, and continuously improve a structured Security Trust & Assurance Package.
• Establish and optimize scalable processes for handling third-party risk and client security requests.
• Collaborate closely with Sales and business stakeholders to support client-facing security and compliance requirements.
• Review contracts and identify required security controls and compliance obligations.
• Coordinate with internal and external stakeholders to ensure timely and high-quality responses.
• Reduce response times and improve efficiency of existing questionnaire handling processes.
• Support ongoing ISMS activities and ensure alignment with ISO 27001 standards.
• Utilize tools such as Jira, Confluence, and ISMS platforms to manage workflows and documentation.

Requirements:

• Proven experience in Cyber Security, GRC, or Information Security Management (ISMS).
• Hands-on experience with security questionnaires and third-party risk management processes.
• Strong understanding of Trust & Assurance concepts, including trust centers and evidence handling.
• Experience working with ISO 27001 frameworks and compliance requirements.
• Ability to review contracts and translate requirements into security controls.
• Familiarity with tools such as Jira, Confluence, and ISMS systems.
• Strong process-oriented mindset with the ability to build and optimize workflows.
• Experience collaborating with Sales or client-facing teams is highly desirable.
• Relevant certifications such as CISSP or ISO 27001 are a plus.
• Fluent German required; English proficiency expected.