Junior Compliance Manager​/Information Security Officer; m​/f​/d

Junior Compliance Manager / Information Security Officer (m/f/d)
Starting immediately – Permanent – Full-time – Remote – Germany Welcome to Xiting’s Career Page!

In this newly created position, you will support our CISO in building and continuously developing the company-wide compliance management framework as well as an Information Security Management System (ISMS) in accordance with ISO 27001. You will gain valuable hands‑on experience and insights into topics such as data protection, TISAX, DORA, and NIS
2.

Working closely with colleagues from various departments, you will contribute to the implementation of compliance and security requirements. Your responsibilities will include supporting process documentation, assisting with initial risk assessments and internal audits, and helping to create and maintain policies and governance documents. You will also be involved in employee training and awareness initiatives.

• Supporting the design, implementation, and continuous improvement of the Information Security Management System (ISMS)
• Contributing to the further development of the IT security and compliance strategy in line with the company’s overall strategy and business processes
• Assisting in ensuring a consistent and high-quality information security and compliance management framework
• Supporting the definition of security and compliance objectives as well as the development of related policies and guidelines
• Assisting in the implementation and operation of an ISO 27001‑compliant ISMS and supporting additional standards and frameworks (e.g. TISAX, DORA, NIS2)
• Supporting the definition and implementation of processes, controls, and systems in the areas of information security and compliance
• Participating in internal audits and controls, including risk assessments and the preparation of risk reports
• Supporting and advising on data protection topics (GDPR) and other regulatory requirements
• Contributing to employee awareness and training initiatives related to security and compliance
• Assisting in the creation and maintenance of policies, standard operating procedures (SOPs), and governance documentation
• Conducting information security and compliance assessments for projects, systems, and general topics

• Completed degree or comparable qualification with relevant practical experience
• Initial experience in compliance, IT security, data protection, or risk management
• Basic understanding of information security policies and processes
• Knowledge of ISO 27001, GDPR, TISAX, or NIS2 is a plus
• Ability to communicate complex topics clearly to diverse stakeholders
• Analytical, structured, and solution‑oriented mindset
• Very good German and English skills (min. B2)
• Interest in certifications and further training in information security/compliance