Linkedprime

Job Description

Senior Security Consultant – Financial Services (Germany)

We build security that survives audits and real attacks. If you can move a bank from “we should” to “we did,” keep reading.

Why this role exists

German banks and insurers are modernizing fast, and the threat surface is outpacing governance. We need a senior consultant who can translate regulatory pressure and technical reality into defensible architectures, measurable controls, and calm stakeholders.

What you’ll own

  • Client outcomes: Raise the organization’s security posture with practical controls, not just paperwork. You’ll design, implement, and tune.
  • Advisory & reviews: Run targeted assessments; turn findings into a 90-day remediation plan with budgets, owners, and KPIs.
  • Identity & privilege: Make IAM/PAM boring and reliable—policies, RBAC/ABAC, joiner-mover-leaver, break-glass, session monitoring.
  • Detection & response: Stand up or uplift SOC/SIEM use cases, onboarding, triage playbooks, and metrics (MTTD/MTTR).
  • Cloud guardrails: Land secure-by-default patterns in Azure/AWS/GCP (networking, identities, secrets, logging, data protection).
  • Regulatory mapping: Convert German/EU supervisory IT requirements into technical backlog items and audit-ready evidence.
  • Team leadership: Be the subject-matter lead in agile project squads; mentor consultants and guide delivery quality.

How you’ll work

Hybrid/remote within Germany with client travel when the work actually benefits from it. You’ll have latitude to pick methods and tools, so long as results are tangible and auditable.

Must-have credentials

  • Track record: 5–8+ years delivering security outcomes in banking/insurance digitization programs.
  • Hands-on depth: You’ve implemented controls—identity, privileged access, logging, alerting, encryption, network segmentation—not just advised.
  • Standards fluency: ISO 27001 and NIST CSF are tools you can wield, not wall art.
  • Regulatory context: Comfortable translating German and EU supervisory IT expectations (e.g., banking/insurance IT requirements and operational resilience rules) into engineering tasks and evidence.
  • Languages: German (C1+) and English (professional working).
  • Client presence: You can challenge thinking, hold the line on risk, and still keep the room.

Nice-to-have signals

CISSP/CISM/ISO 27001 Lead Implementer/Lead Auditor; experience with Azure AD/Entra, AWS Organizations, GCP IAM; Splunk/QRadar/Sentinel/Elastic; Terraform/Policy as Code; secrets management; data protection in cloud (KMS/HSM, tokenization).

What you’ll get

  • Real autonomy: Ownership of outcomes and the space to design how to achieve them.
  • Growth platform: Mentoring, paid certifications, and access to modern stacks.
  • Flexible rhythm: Core collaboration hours; remote-first with purposeful onsite time.
  • Community: A senior bench that shares patterns, not slideware.
