The Role
Advise clients on EU and international compliance (DORA, ISO 27001, NIS2, GDPR, SOC 2), perform gap analyses and risk assessments, guide control implementation and evidence collection, prepare clients for audits/regulatory inspections, produce GRC documentation, monitor regulatory changes, and deliver training and workshops.
Summary Generated by Built In
Matproof is an EU-native compliance automation platform built in Hamburg. We help companies achieve and maintain compliance with DORA, ISO 27001, SOC 2, NIS2, GDPR, and the EU AI Act — all from one platform hosted in Frankfurt. As we grow, we're looking for an experienced GRC Consultant to join our team and help clients navigate the complex landscape of EU and international compliance frameworks.
Tasks
As a GRC Consultant at Matproof, you will:
• Advise clients on governance, risk, and compliance requirements across frameworks including DORA, ISO 27001, SOC 2, NIS2, and GDPR
• Conduct gap analyses and maturity assessments for clients onboarding to the Matproof platform
• Guide clients through implementation of compliance controls and evidence collection workflows
• Support clients in preparing for external audits and regulatory inspections (including BaFin)
• Collaborate with the product team to translate client compliance needs into platform improvements
• Develop and maintain GRC documentation, policies, and procedures on behalf of clients
• Monitor regulatory developments across DORA, NIS2, GDPR, and related EU frameworks and communicate updates to clients
• Deliver training and workshops on GRC best practices to client teams
Requirements
We are looking for a candidate who brings:
• 3+ years of experience in GRC consulting, information security, or compliance roles
• Hands-on knowledge of EU compliance frameworks: DORA, ISO 27001, NIS2, GDPR — SOC 2 experience is a strong plus
• Familiarity with regulatory requirements in the financial services sector (BaFin, MaRisk) is highly desirable
• Experience conducting risk assessments, internal audits, and gap analyses
• Excellent communication skills in both English and German (written and spoken)
• Strong ability to translate complex regulatory requirements into practical, actionable guidance
• Experience working with GRC or compliance automation tools is an advantage
• Relevant certifications (e.g., CISA, CISM, ISO 27001 Lead Auditor, CRISC) are a plus
• A proactive, client-focused mindset with strong organizational skills
Benefits
At Matproof, you’ll enjoy:
• A meaningful role at the intersection of cutting-edge compliance technology and real-world regulatory impact
• Flexible working arrangements with a hybrid setup from our Hamburg HQ
• Competitive salary and benefits package
• A collaborative, international team with flat hierarchies
• Continuous learning budget for certifications, conferences, and professional development
• Direct influence on product development through close collaboration with the engineering and product teams
• 14-day free trial of Matproof for your own personal compliance projects (just kidding — you’ll have full access)
If you're passionate about EU compliance and want to help companies stay audit-ready without the painful manual work, we'd love to hear from you. Apply now with your CV and a short cover letter outlining your GRC experience. We aim to respond to all applications within 5 business days.
Skills Required
- 3+ years of experience in GRC consulting, information security, or compliance roles
- Hands-on knowledge of DORA, ISO 27001, NIS2, GDPR
- SOC 2 experience
- Familiarity with financial services regulatory requirements (BaFin, MaRisk)
- Experience conducting risk assessments, internal audits, and gap analyses
- Excellent written and spoken English and German
- Ability to translate complex regulatory requirements into practical guidance
- Experience with GRC or compliance automation tools
- Relevant certifications (e.g., CISA, CISM, ISO 27001 Lead Auditor, CRISC)
- Proactive, client-focused mindset with strong organizational skills
The Company
What We Do
Matproof is a compliance management platform for companies navigating EU regulation. We turn complex frameworks like NIS2, DORA, GDPR, and the EU AI Act into structured workflows - requirements mapped, controls linked, tasks assigned, audit-ready. Instead of spreadsheets and consultants, teams use Matproof to centrally manage compliance across multiple frameworks at once. Every requirement is traceable, every control is documented, every audit has a clear trail. Built in the EU. Hosted in the EU. For companies that take compliance seriously. Start free at matproof.com