Compliance & Information Security Lead (Part-Time)

We're building the operating system for public-sector dealmaking and infrastructure projects across Europe. Our modern SaaS platform helps construction, infrastructure, and public-sector organisations manage complex opportunities, partnerships, and financing processes. As we continue to scale across European markets — particularly DACH — compliance, security, and enterprise readiness are becoming increasingly important.

• Experience leading or coordinating ISO 27001 certification processes.
• Background in B2B SaaS, software, or technology companies.
• Strong understanding of compliance, risk management, and information security principles.
• Experience working directly with auditors and enterprise customers.
• Ability to balance regulatory requirements with startup speed and pragmatism.
• Comfortable collaborating with technical teams and understanding engineering environments.
• Strong communication and stakeholder management skills.

Nice to have:

• Experience working with German enterprise customers.
• Previous experience in a CISO, Security Lead, Compliance Lead, or similar role.
• Experience in startup or scale-up environments.
• Knowledge of additional frameworks: SOC 2, GDPR, NIS2, or related standards.
• Technical background in software engineering, infrastructure, or cybersecurity.

• Own and coordinate the ISO 27001 certification process end-to-end.
• Build and maintain the company's compliance and information security framework.
• Develop and implement internal policies, procedures, and controls.
• Work directly with external auditors and certification bodies.
• Partner with product and engineering teams to embed compliance requirements into processes and systems.
• Support enterprise sales efforts by helping customers understand the company's security and compliance posture.
• Identify practical ways to improve security and compliance without unnecessary complexity.
• Monitor evolving regulatory requirements and ensure ongoing compliance.
• Act as the internal subject matter expert for information security and compliance.