connected.
IT Security - Governance, Risk & Compliance Manager (all genders)
All German offices
As Security GRC Manager (all genders) you are part of Roland Berger’s powerful and global IT security team. Together with highly motivated colleagues you can contribute significantly to the security of our IT environment, assets and intellectual property.
Lead Security governance, risk, and compliance (GRC) efforts related to Data Loss Prevention (DLP), eDiscovery, and information governance within an Azure-centric infrastructure.
Define and manage compliance roadmaps, ensuring alignment with standards such as ISO 27001, NIS2, and GDPR.
Support internal stakeholders in maintaining audit readiness and overseeing the implementation of Microsoft Purview, DLP policies, and other M365 security controls.
Collaborate with legal and GRCD teams on eDiscovery and regulatory response workflows.
Provide expert input into customer RFPs and due diligence questionnaires, ensuring alignment with current compliance postures and security controls.
Assist in maturing security policies, procedures, and documentation aligned with Azure and Microsoft 365 technologies.
Qualifications
Proven experience in GRC, information security, or IT compliance roles with hands-on mentality
Strong understanding of Microsoft Purview, Azure Information Protection, and M365 DLP/eDiscovery features or experience with similar tools and environments.
Experience managing or contributing to ISO 27001, or Cyber Essentials certification programs.
Excellent writing and communication skills, especially in responding to security questionnaires and RFPs.
Strong knowledge of data privacy regulations (GDPR, CCPA) and risk assessment methodologies.
Ability to work cross-functionally with technical, legal, and business stakeholders.
Certifications such as CISA, CISM, ISO 27001 Lead Implementer/Auditor, or Microsoft Security certifications are a strong plus.
Additional Information
Have we aroused your interest? We are looking forward to receiving your complete application documents (resume, academic testimonials and work references).
For further details on the position, please visit join.rolandberger.com. If you have any questions, please do not hesitate to contact Julia Obermair by phone: +49 89 9230-9169.
Roland Berger is one of the world's leading strategy consultancies with a wide-ranging service portfolio for all relevant industries and business functions. We cherish different perspectives and approaches and count on the diversity and authenticity of our employees. Driven by our values of entrepreneurship, excellence, and empathy, we at Roland Berger are convinced that business and society need a new sustainable paradigm that takes the entire value cycle into account. Our cross-competence teams work with our clients to successfully address the challenges of our time, today and tomorrow, across all industries and business functions. If you like to take the initiative and make a difference as part of a team, Roland Berger is the right place for you.
Data protection
Protecting your personal data and complying with relevant data protection legislation is something we take very seriously. Before applying, please consult our Privacy Policy for the Applicant Management Process at Roland Berger Group for detailed information on how we process your application and personal data as well as your rights under the relevant data protection legislation.
Technical support
In case of any technical issues or problems submitting your application please contact: Lara Zolnai (+49 89 9230-8457) or Marco Stettler (+41 43 336 86 03).