Contract

Interim CISO 9-Month Contract / Hybrid Location: Munich, Oslo, Stockholm, London A rare opportunity to operate at the intersection of cybersecurity and investment - advising high-growth companies, shaping deal decisions and building lasting capability across a dynamic portfolio. Our client is a well-regarded European investor backing some of the most exciting technology-driven businesses on the continent. With a hands-on approach to value creation, they embed senior expertise directly into their portfolio — and cybersecurity is central to that strategy. This is not a traditional CISO role. You won't be managing internal IT or writing policies for a single organisation. Instead, you'll work across a portfolio of ambitious, fast-moving companies - helping founders and leadership teams build security programmes that are practical, proportionate and commercially relevant. Key Responsibilities: Provide cybersecurity input across the full investment lifecycle, from early screening through to due diligence Translate technical findings into clear, decision-useful insights for investment professionals Act as a trusted advisor to portfolio company leadership, supporting prioritisation and execution of meaningful security improvements Advise on regulatory change, customer requirements and how to scale security capabilities effectively Build and lead a cybersecurity community across portfolio companies, driving knowledge sharing and peer learning Monitor developments in AI and emerging technology, helping companies adopt new tools securely and strategically What We're Looking For: Proven experience as a CISO, Head of Cybersecurity or equivalent senior role Strong technical grounding alongside genuine commercial awareness - you understand the business, not just the risk Experience in high-growth, scale-up or multi-stakeholder advisory environments The ability to assess cybersecurity through an investment lens, weighing risk, value and trade-offs A pragmatic, outcomes-focused approach — you know when good enough is the right answer Confidence engaging with founders, executives and investors alike Familiarity with AI-driven security tools and workflows Consultancy experience is a plus, but not a prerequisite What's on Offer? A genuinely varied, high-impact role - no two days or companies are the same The chance to position cybersecurity as a growth enabler, not just a control function A seat at the table on live investment decisions Flexible hybrid working across multiple European locations A 9-month engagement with a well-respected firm at the forefront of technology investment

Cyber Defense Consultant – Remote Freelance Position | Cologne, Germany | €700–800 per day Job Overview We are seeking an experienced Cyber Defense Consultant for a freelance engagement supporting cybersecurity operations for a client based in Cologne, Germany. This is a highly technical, hands-on security engineering and consulting role requiring deep expertise in incident response, threat detection, vulnerability management, and defensive security operations. You will be directly involved in investigating security incidents, performing forensic analysis, conducting vulnerability assessments, and working hands-on with security tools and systems. This role requires someone who can hit the ground running, provide immediate technical value, and deliver professional consulting services while defending against complex security threats. Key Responsibilities Hands-On Incident Response & Investigation Investigate and respond to security incidents from detection through containment and remediation Perform forensic analysis on compromised systems, including memory dumps, disk images, and log analysis Conduct malware analysis and reverse engineering to understand attack vectors and tactics Execute incident response procedures and technical playbooks during active security events Analyse security alerts from SIEM, EDR, and other security tools to identify genuine threats Perform root cause analysis and document technical findings for post-incident reports Engage directly with affected systems to contain threats and support recovery Security Tools & Platform Engineering Hands-on configuration and optimisation of the Microsoft Defender suite (Endpoint, Office 365, Identity, Cloud Apps) Build and tune detection rules, hunting queries, and automated response workflows Configure and maintain SIEM platforms, correlation rules, and security use cases Integrate security tools and orchestrate automated response capabilities Troubleshoot technical issues across security infrastructure and monitoring tools Test and validate security controls and detection capabilities Vulnerability Assessment & Testing Perform hands-on vulnerability scanning across infrastructure and applications Conduct penetration testing exercises to identify security weaknesses Exploit and validate vulnerabilities to assess real-world risk Analyse scan results and manually verify findings Work with technical teams to validate and test remediation efforts Maintain and configure vulnerability scanning tools and assessment platforms Threat Hunting & Proactive Defense Conduct proactive threat hunting activities across the environment Analyse network traffic, system logs, and endpoint telemetry to identify anomalies Investigate suspicious activity and potential indicators of compromise Develop and execute custom detection logic and hunting hypotheses Perform deep-dive analysis of advanced persistent threats Build custom scripts and tools to support security operations SOC Provider & Technical Coordination Work directly with external SOC analysts during incident investigations Provide technical guidance and escalation support for complex security events Review and validate alerts and findings from SOC providers Collaborate on tuning detection rules and reducing false positives Participate in technical reviews of SOC performance and capabilities Share threat intelligence and technical indicators with SOC partners Essential Requirements Technical Experience Minimum 10 years of hands-on cybersecurity experience, with at least 5 years in incident response Proven experience investigating and responding to complex security incidents Hands-on experience with vulnerability assessments and penetration testing Direct experience configuring and managing security tools (SIEM, EDR, IDS/IPS, etc.) Experience working technically with external SOC providers Strong hands-on experience with Microsoft Defender (Endpoint, Office 365, Identity, Cloud Apps) Experience performing forensic analysis and malware investigations Ability to work independently and integrate quickly into new environments Previous freelance or consulting experience in similar roles Core Technical Skills Expert understanding of incident response methodologies (NIST, SANS) Hands-on SIEM experience (Splunk, Sentinel, QRadar) Strong scripting skills (PowerShell, Python, Bash) Deep technical knowledge of Windows, Linux, and networking Experience with forensic tools (EnCase, FTK, Volatility) Packet analysis skills (Wireshark, tcpdump) Malware analysis techniques and tooling Penetration testing tools (Metasploit, Burp Suite, Nmap) Strong knowledge of MITRE ATT&CK and kill chain models Practical cloud security experience (Azure, AWS, or GCP) Language Requirements Fluent English (written and spoken) German language skills are essential Security Frameworks & Standards Practical knowledge of ISO 27001, NIST CSF, and CIS Controls Understanding of GDPR, PCI-DSS, SOX, and related regulations Experience validating and testing security controls Consulting Skills & Attributes Hands-on technical problem solver Able to make decisions under pressure during live incidents Self-starter who adapts quickly to new environments and tools Strong client-facing communication skills Professional consulting demeanour and presentation style Highly analytical with strong attention to detail Comfortable working in command-line environments Passion for emerging threats and attack techniques Excellent documentation and report-writing skills Ability to provide strategic security recommendations alongside implementation Desirable Banking or financial services sector experience Experience with SOAR platforms and security automation Background in offensive security or red teaming CTF participation or security research contributions Experience with threat intelligence platforms Cloud-native and container security experience Freelance Engagement Details Engagement Type: Freelance contract (Freiberufler) Location: Cologne, Germany (Köln) Duration: 12 months Work Model: Remote (German-speaking environment) Start Date: March 2026 Rate: Competitive daily rate based on experience Requirements: Valid German work permit or EU right to work Business Registration: Freiberufler or own company (GmbH / UG)