Compliance Officer (Essen)

Full-time, Germany

Do you want to be part of a consultancy at the cutting edge of information security? At Context, we pride ourselves on our unique and meticulous approach to helping our clients solve their most complex information security challenges.

As an integral member of our centrally managed Security & Compliance team you will be responsible for ensuring that our German teams operate in compliance with all applicable certifications, regulation, industry standards and best practice.

Supported by the other Security & Compliance team members, you will assist the growth of Context’s operations in Germany through the implementation of new certifications.
This is an excellent opportunity for someone looking to apply their knowledge and experience to drive change within a global organisation.

Key Responsibilities

  • Manage the implementation of certification to the penetration testing scheme of the German Federal Office for Information Security (Zertifizierung als Penetrationstester des Bundesamt für Sicherheit in der Informationstechnik) and the Trusted Information Security Assessment Exchange (TISAX) with support from the central Security & Compliance team
  • Act as an EU based Data Protection Officer (DPO), working collaboratively with the UK based DPO to capture legal requirements specific to Germany
  • Work alongside the central Security & Compliance team to support the ongoing maintenance of ISO 27001 and ISO 9001 certifications at our German offices
  • Ensure that internal policy, procedures and records relating to compliance obligations are established and maintained
  • Host audit visits and ensure actions arising are tracked and addressed by the relevant teams in a timely manner
  • Provide advice on compliance related matters to all colleagues
  • Provide compliance related input to client RFPs, enquiries and/or audits
  • Deliver induction sessions, training and awareness campaigns to German based colleagues
  • Assist the central Security & Compliance team to develop and maintain incident response, business continuity and disaster recovery plans encompassing the requirements of the German based teams
  • Participate in identifying and mitigating risks applicable to Context’s German operations
  • Work with internal teams and external parties to implement changes to continuously improve working practices throughout the organisation
  • Maintain a strong working relationship with external interested parties, including clients and external audit and certification bodies
  • Support continuing development of a compliant culture, communicating this to colleagues and helping them to understand their involvement and responsibilities

Experience

  • Experience of managing legal data protection/GDPR requirements – Essential
  • Knowledge and understanding of standards including BSI Grundschutz, ISO 27001, ISO 9001 and ISO 22301 – Desirable
  • Experience of working within an organisation with global operations

Skills

  • Strong verbal and written communication skills in both English and German
  • Ability to work well under remote supervision
  • Approaches challenges as opportunities
  • Proactively committed to continuous learning
  • Comfortable working in a collaborative, fast paced environment

Location

  • The role is based in our Essen office.
  • A competitive salary and package aligned to market rates and including annual review. 

    Additionally, Context hosts a comprehensive bonus scheme and benefits including: up to 35 days annual leave; company pension scheme (contributory of up to 10%); company share plan; numerous voluntary benefits including subsidy for sport programmes, Childcare grant, Rail card; sabbatical options and exchange programmes between Context’s various locations.

    Employees also benefit from an individually tailored learning and development plan which can include financial support with tuition/exam fees and access to various conference opportunities. 

    Company ethos is paramount and so, in addition to these bonuses and benefits, Context offers a flexible working environment, regular social activities and various day to day extras such as free refreshments, fresh fruit delivered to the office and standing desks.

    Employees shall comply with applicable data protection legislation in the course of their employment including the General Data Protection Regulation.  In particular, they shall inform the data protection officer of any processing activities which uncover personal data. 
