Project details

Recommended projects

New

Cyber Security Consultant – Product Security & Regulatory Compliance (m/f/d)

A medical technology company is looking for an experienced Cyber Security Consultant to act as an independent advisor at the intersection of software architecture, DevOps and regulatory affairs. The goal of the project is to develop and secure innovative digital health products (Software as a Medical Device / Connected Devices). This position includes purely specialist consulting, technical assessments and delivery of validated security artifacts, without operational management decisions. The focus is on translating regulatory requirements (FDA, MDR, EU CRA, NIS2) into technical solutions and objectively assessing security risks. - Holistic Threat Modeling: Conduct STRIDE-based analyses for APIs, cloud-native services, AI components and CI/CD pipelines, and maintain formal threat model reports. - Security Architecture & Design: Create technical data flow diagrams (DFD) and security architecture review reports to document security decisions in cloud and container environments. - DevSecOps & Supply Chain Security: Advise on hardening CI/CD pipelines, implementing "security-by-default" and managing SBOM artifacts (third-party risk). - Penetration Testing Support: Define the scope for pen tests and fuzzing, and technically validate the results and CVSS scores. - Vulnerability Management: Assess vulnerabilities (vulnerability impact assessments) and develop remediation plans. - Audit Preparation: Compile technical evidence and documentation for regulatory submissions (FDA, MDR, MDS2).
 Germany
100% remote

Freelance Cybersecurity Consultant for AI Red Teaming

For an AI lab we are looking for cybersecurity consultants to train an AI model (Large Language Model - LLM). You help AI to make sense of the world. As consultant, you may be invited to take part in online projects to train the model in your domain of expertise. This flexible role accommodates both experts seeking part-time engagement (minimum few hours/week) and those interested in full-time opportunities - Evaluate and red team AI models and agents and machine learning systems for vulnerabilities and safety risks. - Create offline reproducible & auto-evaluable test cases to test safety & capability of AI agents. - Develop and implement automation scripts, custom tools, environments and test harnesses. - Lead or contribute to security research initiatives, especially in AI safety, creating and implementing realistic and challenging attack scenarios for the model. - Advise on cybersecurity best practices and policy implications.
AI Lab
100% remote

Cyber Risk Consulting (Senior Level)

- Identification and analysis of cyber risks arising from changes in the digital landscape and the growing capabilities of attackers. - Development and assignment of appropriate countermeasures, as well as creation of roadmaps to effectively address digital threats. - Translation of security incidents and threats into concrete, business-relevant risks with suitable countermeasures. - Continuous improvement of processes for managing the cyber risk lifecycle and increasing the maturity of the Cyber Risk Desk. - Preparation of project reports on the status, impact, and necessary actions related to identified risks. - Preparation of risk analyses and management processes that comply with applicable regulatory standards (SOX, PCI, data protection). - Conducting an initial risk assessment (likelihood, impact, risk level), including a precise description of the risks, impacts, and probability of occurrence. - Evaluation and detailed description of the residual risk after potential implementation of identified risk mitigation measures.
Telecommunications
 Munich, Germany
100% remote

Quality Compliance Auditor (GCP/GCLP/GVP) (M/W/D)

An organization is looking for an experienced Quality Compliance Auditor responsible for ensuring compliance with GCP, GCLP, and GVP standards. The project's goal is to conduct internal and external audits, prepare and support regulatory inspections, and identify compliance gaps and derive corrective actions. The role includes planning and executing audits, supporting regulatory inspections, and ensuring compliance with ICH guidelines as well as EMA/FDA regulations. - Conducting internal and external audits (GCP, GCLP, GVP) - Preparing and supporting regulatory inspections (e.g. MHRA, FDA, EMA) - Identifying compliance gaps and deriving corrective actions
Pharma
 Germany
100% remote

Senior Regulatory Compliance Expert (FDA Inspection Preparation) (m/f/d)

A company is looking for a Senior Regulatory Compliance Expert to support its team in getting ready for FDA inspections. The role includes conducting mock inspections, providing strategic advice on inspection readiness, and assisting with pre-approval and routine inspections. The ideal candidate has extensive expertise in compliance with legal requirements, especially FDA standards, and plays a key role in ensuring the company meets global compliance demands. - Conduct mock inspections according to FDA standards - Provide strategic advice on inspection readiness - Support pre-approval and routine inspections
Pharma
 Munich, Germany
100% remote
New

IT Project Manager ISO 27.001 - Gap Closure (m/f/d)

A company in the automotive supplier industry is looking for support in the field of cyber security. The goal of the project is to close gaps as part of the ISO 27001 certification. The IT Project Manager will play a central role in steering and monitoring the gap closure measures. - Steering and monitoring gap closure measures. - Consistently tracking tasks, deadlines, and responsibilities. - Coordinating between IT, specialist departments, information security, and, if necessary, external service providers. - Ensuring that measures are implemented in an ISO-27001-compliant, auditable, and documented way. - Transparent status reports to program management and stakeholders. - Support in audit preparation (evidence, measure status, maturity level).
 Munich, Germany
20% remote

Fullstack Data Platform Developer & Architect (m/f/d)

We are the agentic data management platform for production and logistics, where AI Agents powered by a domain specific semantic layer clean, prepare and format data, so that ad-hoc business requests that usually take weeks are answered in seconds, enabling fast data-driven decision making. To further shape and scale this product, we are looking for a (senior) freelance Data & Semantic Layer Architect with a strong focus on conceptual and architectural work (not hands-on implementation in this first phase), who will: - design the overall product and solution architecture (semantic layer, data platform, knowledge base, multi-agent workflows, APIs) - define a feature list and solution roadmap for the first product versions - specify an MVP / prototype for the validation phase (scope, tech stack, integrations, risks) - create a high-level effort estimate and team setup (roles, skills, build-vs-buy) - design the core semantic layer (domains, KPIs, metrics logic, data catalog, business rules).
Corporate Venture Studio
 Hamburg, Germany
100% remote
New

Salesforce Service Cloud / Field Service Consultant (m/f/d)

For our client, we are looking for a Salesforce Service Cloud / Field Service Consultant (m/f/d) starting immediately. The role includes analyzing business requirements, developing solutions within the Salesforce platform and collaborating with various stakeholders to ensure seamless integration and use of the tools. - Analysis of business requirements and translating them into technical solutions within Salesforce Service Cloud and Field Service. - Implementation and configuration of Salesforce solutions. - Advising and training end users and stakeholders. - Collaborating with internal and external teams to ensure successful project delivery. - Supporting the integration of Salesforce with other systems.
100% remote

Senior Factor 10 Developer (IPS / IPM) (m/f/d)

An insurance company in Nuremberg is looking for a Senior Factor 10 Developer with expertise in IPS and IPM. The project includes developing and optimizing software solutions in the insurance sector, focusing on high performance and reliability. The role requires solid knowledge of Factor 10 and its applications in the insurance industry. Key responsibilities: - Developing and optimizing applications with Factor 10, especially in IPS and IPM. - Collaborating with interdisciplinary teams to ensure seamless integration and functionality. - Analyzing and resolving complex technical issues. - Providing technical guidance and mentoring to junior developers. - Ensuring compliance with industry standards and best practices.
Insurance
 Nuremberg, Germany
100% remote

Fullstack Engineer (m/f/d)

- Product and web development in the data-driven area - Co-design of the software architecture for new data products - Collaboration in interdisciplinary teams (including data scientists and business developers)
Media Company
 Munich, Germany
100% remote

EHS Specialist – Cell Manufacturing

A company in the automotive and robotics industry is seeking an experienced EHS Specialist to support cell manufacturing processes. The goal of the project is to ensure compliance with environmental, health, and safety regulations and to promote a safety culture within the manufacturing environment. The role requires close collaboration with cross-functional teams to implement and maintain EHS standards, conduct risk assessments, and drive continuous improvement initiatives. Key responsibilities: - Developing, implementing and maintaining EHS policies and procedures tailored specifically to cell manufacturing. - Conducting regular risk assessments and audits to ensure regulatory compliance. - Training and guiding employees on EHS best practices. - Investigating incidents and implementing corrective actions to prevent recurrence. - Collaborating with internal teams to promote a safety and sustainability culture. - Monitoring and reporting on EHS performance metrics.
Automotive & Robotics
 Brandenburg, Germany
80% remote
New

Senior Cloud Developer TypeScript (m/f/d)

At our client, changes in operations support and related work in the cloud native environment are on the agenda. - Development of the delivery pipeline - Development of the applications catalog for ODC - Development of the ITSM/CMDB integration
100% remote

EHS Specialist – Facilities (M/F/D)

A company is looking for an experienced EHS Specialist to ensure safety and environmental standards in a state-of-the-art production facility. The goal of the project is to ensure compliance with legal regulations, minimize risks, and create a safe working environment. In this role, you will work closely with Facility Management and other departments to develop, implement, and monitor safety and environmental programs. Main tasks: - Develop and implement EHS programs and policies. - Conduct risk analyses and safety inspections. - Train employees on safety and environmental regulations. - Monitor compliance with legal and internal regulations. - Collaborate with authorities and external partners. - Prepare reports and documentation on EHS topics.
Automotive & Robotics
 Brandenburg, Germany
80% remote

EHS Specialist – Body in White (M/W/D)

A company is looking for an experienced EHS Specialist to support their Body in White (BIW) operations. Body in White refers to the stage in car manufacturing where the vehicle's sheet metal components are welded together to form the body shell, prior to painting and the installation of the engine, chassis, or interior trim. The goal of the project is to ensure compliance with environmental, health, and safety regulations during this critical manufacturing phase while optimizing processes and maintaining high safety standards. The role involves collaborating with production and engineering teams to identify risks, implement safety measures, and foster a culture of safety within the organization. Key responsibilities: - Conduct risk assessments and ensure compliance with EHS regulations specific to BIW operations. - Develop and implement safety protocols and procedures tailored to BIW processes. - Monitor and report on EHS performance metrics within the BIW stage. - Provide training and guidance to employees on EHS best practices in automotive manufacturing. - Investigate incidents and implement corrective actions to prevent recurrence. - Collaborate with cross-functional teams to improve safety standards and processes in BIW.
Automotive & Robotics
 Brandenburg, Germany
80% remote

Construction & Contractor Safety Specialist (SiGeKo) (M/f/d)

A company in the automotive and robotics industry is looking for an experienced Construction & Contractor Safety Specialist (SiGeKo) to ensure safety on construction sites and when working with contractors. The goal of the project is to implement safety standards, minimize risks and ensure compliance with legal requirements. In this role, you will take responsibility for safety coordination on construction sites and work closely with internal and external stakeholders. - Monitoring and coordinating safety measures on construction sites. - Ensuring compliance with safety regulations and standards. - Conducting safety inspections and audits. - Advising and training employees and contractors on safety matters. - Creating and maintaining safety documentation. - Collaborating with authorities and other relevant organizations.
Automotive & Robotics
 Brandenburg, Germany
80% remote

Business Analyst – SAP S/4HANA Output Management (m/f/d)

- A company is looking for an experienced Business Analyst to support the transformation from SAP ECC to S/4HANA Utilities. - The project goal is to analyze, document, and optimize output and archiving processes, as well as to create functional designs and specifications. - The analyst will work closely with product owners, IT, and business units to align feasibility, effort, and prioritization of requirements.
Energy
 Munich, Germany
100% remote

AI Agent Evaluation Analyst (m/w/d)

We’re on the hunt for QAs for autonomous AI agents for a new project focused on validating and improving complex task structures, policy logic, and agent evaluation frameworks. Throughout the project, you’ll have to balance quality assurance, research, and logical problem-solving. This project opportunity is ideal for people who enjoy looking at systems holistically and thinking through scenarios, implications, and edge cases. You do not need a coding background, but you must be curious, intellectually rigorous, and capable of evaluating the soundness and consistency of complex setups. If you’ve ever excelled in things like consulting, CHGK, Olympiads, case solving, or systems thinking — you might be a great fit. What you’ll be doing: - Reviewing evaluation tasks and scenarios for logic, completeness, and realism. - Identifying inconsistencies, missing assumptions, or unclear decision points. - Helping define clear expected behaviors (gold standards) for AI agents. - Annotating cause-effect relationships, reasoning paths, and plausible alternatives. - Thinking through complex systems and policies as a human would to ensure agents are tested properly. - Working closely with QA, writers, or developers to suggest refinements or edge case coverage.
100% remote
New

Keycloak / IAM Specialist (m/f/d)

- Designing, implementing, and operating identity & access management solutions with LDAP, Kerberos, OIDC, OAuth2, SAML, and SCIM. - Implementing RBAC/ABAC models as well as multi-realm and multi-tenant architectures. - Configuring SSO flows, MFA, and identity federation. - Deploying and running Keycloak on VMs, Docker, and Kubernetes (on-prem & GCP/GKE). - Integrating Keycloak with LDAP, IPA, Active Directory, ADFS, and Entra ID for identity sync and federation. - Securing Keycloak with TLS and managing ingress, SSL termination, and high availability. - Integrating Keycloak with Google Identity as an identity provider or broker. - Mapping Keycloak roles to GCP IAM roles for workload access control. - Integrating HashiCorp Vault to secure secrets, certificates, and service credentials. - Using the Vault PKI to issue and rotate TLS certificates. - Implementing dynamic database secrets via Vault. - Automating secret injection into Kubernetes using Vault Agent, ESO, or sidecar. - Establishing secret and certificate rotation policies to minimize security risks. - Automating Keycloak and Vault with Terraform, Helm, ArgoCD, and Ansible. - Automating configuration of realms, clients, and policies via APIs or Terraform provider. - Integrating IAM and Vault workflows into CI/CD pipelines for standardized application onboarding. - Analyzing and resolving token, federation, and certificate errors. - Monitoring IAM and Vault platforms with Prometheus and Grafana. - Handling incidents for certificate expiry, Vault unseal errors, and migration issues
100% remote

Adobe Experience Cloud Consultant (m/f/d)

The Digital Analytics department uses the Adobe Experience Cloud to implement personalized user experiences. The goal is to increase conversion rates and improve the customer experience through targeted personalization and testing. The technical implementation is carried out independently by specialized consultants. - A central part of the tasks includes maintaining the existing implementation within the Adobe Experience Platform. This especially includes monitoring the data and troubleshooting the source connectors. - As part of preparing new features for use in the Adobe Experience Platform, requirements and data are first translated into Adobe's Experience Data Model. This includes creating entity-relationship diagrams (ERDs) and contextualizing the relevant data. - Based on this, the corresponding schemas are set up within the platform and data sets are prepared for further use. - Other activities include designing and setting up both new activation channels and additional data sources. - Moreover, new business-relevant use cases are developed across the different phases of the customer journey to specifically increase business value. - Creating segments and performing error analysis using targeted SQL queries. - Advising on all newly introduced processing activities, compliance with applicable data protection regulations, required internal approval processes, and documenting legal and technical specifics.
Telecommunications
 Munich, Germany
100% remote

Data Engineer (m/f/d)

A company is looking for an experienced Data Engineer to carry out a migration from Snowflake to ClickHouse. The focus is on using Apache Spark for data processing and on managing and optimizing Kubernetes environments. The goal is to build and operate a powerful and scalable data platform. - Executing the migration from Snowflake to ClickHouse - Developing and optimizing data pipelines with Apache Spark - Managing and optimizing Kubernetes clusters - Ensuring the performance and scalability of the data platform - Implementing solutions in Python - Optional: Working with Snowplow for data analytics
Media / Publishing
 Munich, Germany
100% remote

Dentist for Training AI Models (m/w/d)

For an AI lab we are looking for german speaking dentists to train an AI model (Large Language Model - LLM). As consultant, you may be invited to take part in online projects to train the model in your domain of expertise. This flexible role accommodates both experts seeking part-time engagement (minimum few hours/week) and those interested in full-time opportunities. Although every project is unique, you might typically: - Collaborate with the AI lab to provide domain-specific knowledge in dentistry. - Participate in online training sessions to enhance the AI model's understanding. - Review and validate AI-generated content for accuracy and relevance. - Offer insights and feedback to improve the model's performance. - Engage in flexible project-based work, adapting to unique project requirements.
AI Lab
100% remote

Senior Project Manager Customer Interaction

An organization is looking for support for a project to evaluate, implement, and further develop quality surveys in digital channels. The goal of the project is to increase customer satisfaction in digital channels by evaluating, implementing, and enhancing survey methods to enable consistent measurement of customer satisfaction across all channels. At the same time, areas for improvement should be identified and implemented. The role includes consulting, developing, and implementing measures to collect and improve customer satisfaction in digital channels. Main tasks: - Advising on survey methods to capture customer experience and quality in digital channels, including market standards, benchmarks, and future orientation. - Developing a future model for quality in digital channels, relevant KPIs, survey methods, and standard processes. - Implementing decided measures, including interface management and coordination with technology partners and social partners. - Testing implemented measures to collect data and ensure required standards are met. - Consolidating and listing existing and missing customer survey methods/quality KPIs across all responsible digital channels. - Advising on the creation of decision templates and implementing the necessary actions. - Identifying areas for improvement and developing a standard process for transparency and execution.
Telecommunication
 Munich, Germany
100% remote

Evaluation Scenario Writer (m/w/d)

We’re looking for someone who can design realistic and structured evaluation scenarios for LLM-based agents. You’ll create test cases that simulate human-performed tasks and define gold-standard behavior to compare agent actions against. You’ll work to ensure each scenario is clearly defined, well-scored, and easy to execute and reuse. You’ll need a sharp analytical mindset, attention to detail, and an interest in how AI agents make decisions. Although every project is unique, you might typically: - Designing structured test scenarios based on real-world tasks. - Defining the golden path and acceptable agent behavior. - Annotating task steps, expected outputs, and edge cases. - Working with devs to test your scenarios and improve clarity. - Reviewing agent outputs and adapting tests accordingly
100% remote

AI Evaluation Consultant (m/w/d)

We are seeking an analytical and technically-minded professional to: - Evaluate AI outputs and processes - Ensure quality, accuracy, and reliability - Identify logical errors, risks, and structural inconsistencies - Provide actionable insights and recommendations to the team Ideal candidates: - Consultants, auditors, analysts, data researchers, or business/technical analysts with strong reasoning skills - Professionals curious about AI, process improvement, and quality evaluation - Problem-solvers who enjoy analyzing complex systems, logic, and scenarios Key Responsibilities: - Lead evaluation of AI outputs and related processes - Review tasks against expected/ideal scenarios; identify gaps and risks - Provide structured, actionable recommendations to engineers, domain experts, and managers - Maintain and improve evaluation guidelines, checklists, SOPs - Suggest new approaches, tools, and processes to enhance AI evaluation
AI Labs
100% remote

Commissioning & Qualification (C&Q) Engineer (m/f/d)

A company is looking for an experienced Commissioning & Qualification (C&Q) Engineer to qualify and commission production equipment according to GMP standards. The goal of the project is to ensure the technical and organizational requirements for the GMP-compliant qualification of the production equipment. - Independently conduct commissioning and qualification activities, especially in IOQ - Operate PCS7 systems - Work with single-use equipment - Perform commissioning and qualification activities for production equipment - Ensure all technical and organizational prerequisites for C&Q - GMP-compliant qualification of the associated production equipment
Pharma
 Munich, Germany
100% remote
New

Infor AS Consultant (m/f/d)

A company in the automotive supplier industry is looking for an experienced Infor AS Consultant to support the team in further developing and optimizing ERP functionalities. The project's goal is to ensure long-term system stability and functionality and continuously optimize ERP processes. The Consultant will work closely with the business units to implement system requirements, taking on an advisory and supportive role. The assignment is ideally 50% remote and 50% on-site near Schweinfurt, with at least one on-site visit required each month. - Designing, developing and optimizing ERP functionalities, taking into account legal and organizational requirements - Analyzing and resolving system disruptions and identifying root causes - Supporting business units through customizing and implementing ERP solutions - Providing second-level support for technical inquiries - Developing, administering and enhancing interfaces and maintaining existing integrations - Conducting and evaluating statistical analyses to monitor system functionality - Performing tests and handing over new processes to internal stakeholders - Providing ongoing support and assistance in optimizing active ERP processes
 Schweinfurt, Germany
50% remote

ERP-Transformation Manager (m/w/d)

An established company is looking for an experienced ERP Transformation Manager to take full responsibility for planning and steering a comprehensive ERP transformation program. The project's goal is harmonizing processes, implementing a new ERP system, and meeting IFRS requirements. The ERP Transformation Manager will analyze, redesign, and standardize the commercial core processes in civil and rail construction. This includes translating IFRS requirements into system structures and posting logic, closely coordinating with Finance, Controlling, Project Management, and IT departments. The role includes managing the ERP rollout, including fit-gap analysis, process design, test management, and migration. In addition, a unified reporting and KPI framework for group financial statements and project management will be established. The manager will act as the central interface between operational units, Finance, management, and the group, and will set up a sustainable change and training concept for users. - Planning and steering the ERP transformation program (IFRS transition, process harmonization, ERP rollout) - Analyzing, redesigning, and standardizing commercial core processes - Translating IFRS requirements into system structures and posting logic - Managing the ERP rollout, including fit-gap analysis, process design, test management, and migration - Building a unified reporting and KPI framework - Stakeholder management and ensuring smooth communication - Leading interdisciplinary project teams and managing external consultants and implementation partners - Establishing a sustainable change and training concept - Ensuring measurable process improvements after the ERP system goes live
Infrastrukturbau
 Eisenach, Germany
70% remote

Project Manager Brand Guardianship (m/f/d)

The service is requested as part of the Brand Image Pool Photoshoot project. The project includes: - Managing sub-tasks throughout the entire Image Pool motif shooting project from January to June - Taking on brand guardianship tasks during the pool shooting project period - Specific service description without personal reference: - Independently defining, managing and executing the project. This ranges from project management to creating roadmaps and project presentations - Developing ideas and concepts for initiatives - Actively managing project risks - Actively handling project issues, including providing expert advice on escalations - Preparing and following up on stakeholder and steering board meetings - Defining project scope and overall project phases - Providing transparent and appropriate updates to the client on scope, quality, schedule, budget and status
Telecommunication
 Munich, Germany
100% remote

Freelance Java Developer (m/w/d)

For an AI lab we are looking for Java Developer to train an AI model (Large Language Model - LLM). You help AI to make sense of the world. As consultant, you may be invited to take part in online projects to train the model in your domain of expertise. This flexible role accommodates both experts seeking part-time engagement (minimum few hours/week) and those interested in full-time opportunities. - Code generation and code review - Prompt evaluation and complex data annotation - Training and evaluation of large language models - Benchmarking and agent-based code execution in sandboxed environments - Working across multiple programming languages - Adapting guidelines for new domains and use cases - Following project-specific rubrics and requirements - Collaborating with project leads, solution engineers, and supply managers on complex or experimental projects
AI Lab
100% remote

IT Project Manager ServiceNow (Senior)

- A company in the energy and energy services sector is looking for an experienced IT project manager for a ServiceNow project. - The goal of the project is to lead and successfully implement an enterprise ServiceNow solution with a focus on ITSM and Customer Service Management (CSM). - The role includes planning, controlling, and ensuring a stable project flow in close collaboration with internal and external stakeholders. - Operational & strategic service management of the ServiceNow platform - Process ownership for ITSM and CSM (B2B & B2C) - Process design, governance & continuous optimization - Management of external providers and vendors - Monitoring, KPI analysis & deriving improvements - Ensuring stable platform operation
Energy
 Germany
100% remote

MCP & Tools Python Developer (m/w/d)

We’re on the hunt for hands-on Python engineers for a new project focused on developing Model Context Protocol (MCP) servers and internal tools for running and evaluating agent behavior. You’ll implement base methods for agent action verification, integrate with internal and client infrastructures, and help fill tooling gaps across the team. What you’ll be doing: - Developing and maintaining MCP-compatible evaluation servers - Implementing logic to check agent actions against scenario definitions - Creating or extending tools that writers and QAs use to test agents - Working closely with infrastructure engineers to ensure compatibility - Occasionally helping with test writing or debug sessions when needed Although we’re only looking for experts for this current project, contributors with consistent high-quality submissions may receive an invitation for ongoing collaboration across future projects.
100% remote

Frontend developer to HR platform with Angular experience

Reach out to us if you are interested in working with us on the project.
FRATCH
 Munich
90% remote
Sign up to get access to more exciting projects that match your skills and preferences!

Cyber Security Consultant – Product Security & Regulatory Compliance (m/f/d)

New
Sign up to view the number of applicants
Industry
Healthcare
Area
Information Technology (IT)

Project info

  • Period
    01.03.2026 - 28.02.2027
  • Location
    Germany
  • Languages
    Essential:
    • English
      (Advanced)
    Desirable:
    • German
      (Advanced)
  • Remote
    up to 100%

Description

A medical technology company is looking for an experienced Cyber Security Consultant to act as an independent advisor at the intersection of software architecture, DevOps and regulatory affairs. The goal of the project is to develop and secure innovative digital health products (Software as a Medical Device / Connected Devices). This position includes purely specialist consulting, technical assessments and delivery of validated security artifacts, without operational management decisions. The focus is on translating regulatory requirements (FDA, MDR, EU CRA, NIS2) into technical solutions and objectively assessing security risks.

  • Holistic Threat Modeling: Conduct STRIDE-based analyses for APIs, cloud-native services, AI components and CI/CD pipelines, and maintain formal threat model reports.
  • Security Architecture & Design: Create technical data flow diagrams (DFD) and security architecture review reports to document security decisions in cloud and container environments.
  • DevSecOps & Supply Chain Security: Advise on hardening CI/CD pipelines, implementing "security-by-default" and managing SBOM artifacts (third-party risk).
  • Penetration Testing Support: Define the scope for pen tests and fuzzing, and technically validate the results and CVSS scores.
  • Vulnerability Management: Assess vulnerabilities (vulnerability impact assessments) and develop remediation plans.
  • Audit Preparation: Compile technical evidence and documentation for regulatory submissions (FDA, MDR, MDS2).

Requirements

  • Completed degree (Computer Science, Cyber Security, Engineering).
  • 5–8+ years of project experience in product security, application security or security architecture.
  • Excellent knowledge of threat modeling (STRIDE, PASTA), risk assessments (CVSS) and secure SDLC.
  • Deep expertise in cloud security (Azure/AWS), containerization (Kubernetes/Docker), API security and CI/CD toolchains.
  • Experience with AI/ML security is a plus.
  • Proven experience with medical technology standards (FDA Cybersecurity Guidelines, EU MDR, ISO 14971, IEC 62304) or comparable critical standards (ISO 21434, IEC 62443).
  • Ability to independently drive technical topics as an independent consultant, as well as a structured, "audit-ready" documentation style.
  • Fluent English (C1/C2) is required (project and documentation language).
  • Fluent German (B2/C1) is desirable.
  • Relevant certifications such as CISSP, CCSP, CSSLP, CISM or OSCP are highly desired.