Matproof is an EU-native compliance automation platform built in Hamburg.
We help companies achieve and maintain compliance with DORA, ISO 27001, SOC 2, NIS2, GDPR, and the EU AI Act — all from one platform hosted in Frankfurt.
As we grow, we're looking for an experienced GRC Consultant to join our team and help clients navigate the complex landscape of EU and international compliance frameworks.
Tasks As a GRC Consultant at Matproof, you will: • Advise clients on governance, risk, and compliance.
Requisitos
across frameworks including DORA, ISO 27001, SOC 2, NIS2, and GDPR • Conduct gap analyses and maturity assessments for clients onboarding to the Matproof platform • Guide clients through implementation of compliance controls and evidence collection workflows • Support clients in preparing for external audits and regulatory inspections (including BaFin) • Collaborate with the product team to translate client compliance needs into platform improvements • Develop and maintain GRC documentation, policies, and procedures on behalf of clients • Monitor regulatory developments across DORA, NIS2, GDPR, and related EU frameworks and communicate updates to clients • Deliver training and workshops on GRC best practices to client teams Requirements We are looking for a candidate who brings: • 3+ years of experience in GRC consulting, information security, or compliance roles • Hands-on knowledge of EU compliance frameworks: DORA, ISO 27001, NIS2, GDPR — SOC 2 experience is a strong plus • Familiarity with regulatory requirements in the financial services sector (BaFin, MaRisk) is highly desirable • Experience conducting risk assessments, internal audits, and gap analyses • Excellent communication
Habilidades
in both English and German (written and spoken) • Strong ability to translate complex regulatory requirements into practical, actionable guidance • Experience working with GRC or compliance automation tools is an advantage • Relevant certifications (e.g., CISA, CISM, ISO...