Senior Security Engineer & ISMS-Verantwortlicher (f/m/d)
Job Description, Responsibilities & Requirements
About the Position
Senior Security Engineer & ISMS-Verantwortlicher (f/m/d)
COMPARUS GmbH is seeking a Senior Security Engineer & ISMS-Verantwortlicher to join our team. This role is full-time and offers hybrid work options, with the possibility to work remotely in Germany or in our Hamburg office.
Responsibilities
As a Senior Security Engineer & ISMS-Verantwortlicher, you will:
- Design and implement security systems that are technically robust and strategically sound.
- Analyze and prioritize vulnerabilities in networks, applications, and APIs based on real risk.
- Develop zero-trust architectures and secure hybrid cloud environments (AWS, GCP, Kubernetes, OpenStack).
- Integrate security deeply into CI/CD processes in collaboration with DevOps and engineering teams.
- Conduct threat modeling, security reviews, and incident analysis.
- Manage the Information Security Management System (ISMS) in accordance with ISO 27001:2022.
- Integrate regulations such as NIS2, DORA, and the EU AI Act.
- Perform risk analyses, audits, and develop policies for internal and client audits.
- Provide awareness and training for the team.
Requirements
Essentials:
- Several years of experience in security engineering, particularly in cloud, application, network, or DevSecOps.
- Practical experience in at least two of the following areas: cloud security, application security, vulnerability management, DevSecOps, network security.
- ISO 27001 Lead Implementer / Lead Auditor or comparable ISMS experience.
- Experience with regulated sectors, ideally the financial or banking sector.
- Proficiency with tech stack: AWS or GCP, Kubernetes, Linux, APIs, CI/CD.
- Fluency in German (C1) and professional proficiency in English.
Nice to Have:
- Knowledge of NIS2, DORA, BSI Basic Protection, EU AI Act.
- Experience with incident response and forensic investigations.
- Understanding of data loss prevention in complex platform environments.
We Offer
- Permanent, full-time position with remote work options in Germany or hybrid in Hamburg (travel under 10%).
- 30 days of holiday, occupational pension scheme, childcare allowance, further training & certification.
- An opportunity to design security architecture and ISMS for a growing AI product with real impact.
- A collaborative engineering team that views security as a partner, not just a control function.
About the Company
At COMPARUS GmbH, we are developing an AI-native platform for banks and financial service providers. Our team sees security as an architectural feature, not a hindrance. We are looking for someone who understands the intersection of technical architecture and compliance to help us navigate the growing complexity of our platform and regulatory demands.
If you view security as a systemic component of modern platforms and are ready to take on regulatory responsibility, we want to hear from you.
Easy Apply with your CV or LinkedIn profile – it takes less than 60 seconds.
#SecurityEngineering #CloudSecurity #DevSecOps #ISO27001 #ISMS #ZeroTrust #Kubernetes #NIS2 #DORA #ApplicationSecurity #PlatformSecurity