GRC Consultant

Matproof is an EU-native compliance automation platform built in Hamburg. We help companies achieve and maintain compliance with DORA, ISO 27001, SOC 2, NIS2, GDPR, and the EU AI Act — all from one platform hosted in Frankfurt.

Tasks

As a GRC Consultant at Matproof, you will:

• Advise clients on governance, risk, and compliance requirements across frameworks including DORA, ISO 27001, SOC 2, NIS2, and GDPR
• Conduct gap analyses and maturity assessments for clients onboarding to the Matproof platform
• Guide clients through implementation of compliance controls and evidence collection workflows
• Support clients in preparing for external audits and regulatory inspections (including BaFin)
• Collaborate with the product team to translate client compliance needs into platform improvements
• Develop and maintain GRC documentation, policies, and procedures on behalf of clients
• Monitor regulatory developments across DORA, NIS2, GDPR, and related EU frameworks and communicate updates to clients
• Deliver training and workshops on GRC best practices to client teams

Requirements

We are looking for a candidate who brings:

• 3+ years of experience in GRC consulting, information security, or compliance roles
• Hands‑on knowledge of EU compliance frameworks: DORA, ISO 27001, NIS2, GDPR — SOC 2 experience is a strong plus
• Familiarity with regulatory requirements in the financial services sector (BaFin, MaRisk) is highly desirable
• Experience conducting risk assessments, internal audits, and gap analyses
• Excellent communication skills in both English and German (written and spoken)
• Strong ability to translate complex regulatory requirements into practical, actionable guidance
• Experience working with GRC or compliance automation tools is an advantage
• Relevant certifications (e.g., CISA, CISM, ISO 27001 Lead Auditor, CRISC) are a plus
• A proactive, client-focused mindset with strong organizational skills

Benefits

At Matproof, you’ll enjoy:

• A meaningful role at the intersection of cutting‑edge compliance technology and real‑world regulatory impact
• Flexible working arrangements with a hybrid setup from our Hamburg HQ
• Competitive salary and benefits package
• A collaborative, international team with flat hierarchies
• Continuous learning budget for certifications, conferences, and professional development
• Direct influence on product development through close collaboration with the engineering and product teams
• 14‑day free trial of Matproof for your own personal compliance projects (just kidding — you’ll have full access)