Senior Information Security Specialist | JobSetuu

Description

Job Overview

• Source: Arbeitnow
• Location: Berlin, Berlin, Germany
• Job Type: Full-Time

Job Description

About the Team

At Doordash and Wolt, we're building the industry's most scalable and reliable delivery network to support our multi-sided marketplace of consumers, merchants, Dashers, and partners. Security, privacy, and compliance are foundational to earning and maintaining trust as we expand globally.

The Governance, Risk, and Compliance team partners across Security, Engineering, Legal, Privacy, Product, IT, Procurement, Internal Audit, and business teams to help DoorDash understand its compliance obligations, manage security and privacy risk, and build durable programs that scale with the company.

About the Role

We're looking for a Senior Specialist, Security & Compliance Risk Management to help mature DoorDash's global security and privacy compliance risk program. You will create and operationalize a global compliance change process framework that helps DoorDash detect changes in our compliance landscape, assess impact, identify gaps, and drive accountable remediation across teams.

This is a senior individual contributor role for someone who has managed global compliance frameworks and security/privacy compliance programs in a technology company. You will bring structure to ambiguous compliance changes, translate requirements into actionable control expectations, facilitate risk workshops, and help leadership understand compliance risk in clear business terms.

This role can be based in Helsinki, Stockholm, Berlin, or London and will report into the GRC leadership team.

What You´ll Be Doing

• Design and operate a global compliance change management framework to identify new or changing security, privacy, regulatory, contractual and framework obligations across DoorDash's markets and products.
• Maintain a structured view of DoorDash's compliance landscape, including obligation inventories, control mappings, ownership models, risk decisions and remediation status.
• Lead compliance-impact assessments for new regulations, framework updates, product launches, market expansions, vendor changes and major technology initiatives.
• Facilitate compliance risk workshops with Engineering, Legal, Privacy, Product, Procurement, IT, Internal Audit and business stakeholders.
• Translate complex regulatory, security, and privacy requirements into practical control expectations and specifications that technical and non-technical teams can implement.
• Identify control gaps, assess residual risk, define remediation plans and track progress through closure with clear accountability.
• Partner with control owners to improve evidence quality, audit readiness, and sustainable operation of controls across global compliance frameworks.
• Help mature DoorDash's risk register, compliance reporting, dashboards, metrics and executive-level risk communications.
• Support control mapping and harmonization across frameworks such as ISO 27001, SOC 2, NIST CSF, PCI DSS, GDPR, UK GDPR, NIS2, DORA, and emerging AI governance requirements.
• Promote a risk-based, pragmatic compliance culture that enables DoorDash teams to move quickly while protecting customers, partners, employees and the business.

Our humble expectations

• You have 6+ years of experience in GRC, security compliance, technology risk, privacy compliance, IT audit, or a related field, preferably in a global technology, marketplace, SaaS, fintech or payments environment.
• You have managed or materially contributed to a global compliance framework or security/privacy compliance management program.
• You have built, operated or significantly improved a compliance change management, obligations management, control mapping or regulatory-change process.
• You have hands-on experience facilitating risk assessments, compliance risk workshops, control self-assessments and remediation planning with cross-functional stakeholders.
• You have strong working knowledge of security and privacy frameworks such as ISO 27001, SOC 2, GDPR or CCPA, and you can quickly assess applicability of new frameworks or regulatory requirements.
• You understand how security and privacy controls operate in modern technology environments, including cloud infrastructure, identity and access management, SDLC, incident response, vendor risk, data governance and business continuity.
• You can translate legal, regulatory and framework requirements into clear, tangible control specifications to engineers and explain technical risk in business terms.
• You communicate clearly, write with precision and can create high-quality policies, procedures, risk memos, control narratives, executive updates, and decision records.
• You are comfortable navigating ambiguity, balancing multiple priorities and driving outcomes without relying on constant direction.
• You build trust with technical and non-technical stakeholders and can facilitate conversations rather than dictate outcomes.

Find more English Speaking Jobs in Germany on Arbeitnow

Expert Career Tips for Senior Information Security Specialist Roles

To succeed in a competitive market as a Senior Information Security Specialist, you need more than just technical skills. Here are some expert strategies to elevate your profile:

• Build a Strong Portfolio: For technical roles, a clean GitHub or a personal project site is essential. For non-technical roles, a case study portfolio demonstrating problem-solving and impact is equally valuable. Show, don't just tell, what you have achieved in your previous positions.
• Master the Narrative: When interviewing, use the STAR method (Situation, Task, Action, Result) to structure your answers. Quantify your results wherever possible—mentioning "increased efficiency by 20%" is much more impactful than saying "improved efficiency."
• Continuous Learning: The industry moves fast. Whether it's staying updated with the latest AI tools or mastering a new management methodology, continuous professional development is key. Consider obtaining industry-recognized certifications that align with Senior Information Security Specialist requirements.
• Networking: Connect with other professionals in similar roles. Join online communities, attend webinars, and engage in meaningful discussions on professional social networks. Often, the best opportunities come through referrals and community engagement.
• Soft Skills Matter: Communication, empathy, and leadership are often the deciding factors between two equally qualified technical candidates. Cultivate these skills as they are universally valued across all industries and seniority levels.

Additionally, research the specific company's culture and values. Tailoring your application to show how you align with their mission can significantly increase your chances of moving forward in the process.

Salary & Compensation

Salary not disclosed; typically competitive for the role.

Work Arrangement

Type: On-Site

Standard business hours at the office.

Comprehensive Application Strategy & Hiring Process

Applying for a new role is a marathon, not a sprint. Follow this strategic approach to maximize your success rate:

1. Initial Research & Tailoring

Don't send the same resume to every employer. Spend at least 30 minutes researching the company. Look for recent news, their product roadmap, and their team structure. Modify your summary and core competencies to reflect the specific keywords found in the job description.

2. The Perfect Cover Letter

If the application allows for a cover letter, use it to tell a story that your resume cannot. Explain why you are passionate about this specific company and how your unique background makes you the perfect fit for the challenges they are currently facing.

3. Navigating the Multi-Stage Interview

Most modern hiring processes involve 3-5 stages. This typically includes a recruiter screen, a technical or skill-based assessment, a peer interview, and a final leadership round. Prepare for each stage differently: focus on enthusiasm and fit for the recruiter, technical depth for the assessment, and strategic vision for the leadership round.

4. Post-Interview Follow-Up

Always send a personalized thank-you note within 24 hours of each interview. Reference a specific topic discussed during the call to demonstrate your active listening and genuine interest in the role.

By following these steps, you demonstrate a high level of professionalism and attention to detail that sets you apart from the average applicant.

Typical Interview Process

1. Resume screening
2. HR call
3. Skill interview
4. Final manager interview
5. Offer

Tip: Research the company's products and culture.

Global Market Intelligence & Relocation Insights

At JobSetuu, we specialize in helping talent navigate the global job market. Here is what you need to know about the current landscape in Berlin, Berlin, Germany and beyond:

The demand for skilled professionals is increasingly borderless. For roles based in Berlin, Berlin, Germany, understanding the local cost of living, visa requirements (if applicable), and cultural nuances is vital. If this is a remote role, consider the time zone alignment and the asynchronous communication culture of the hiring organization.

Relocation Support: Many forward-thinking companies offer relocation packages that include moving stipends, temporary housing, and legal assistance with work permits. When evaluating an offer, look beyond the base salary—consider the total compensation package, including equity, bonuses, and healthcare benefits.

Work-Life Balance Trends: Hybrid and remote work have become standard in many regions. Research the local labor laws and common practices regarding work hours and vacation time to ensure the role aligns with your lifestyle goals.

Leveraging JobSetuu's tools can help you compare salaries across different cities and understand the "purchasing power" of your potential offer, ensuring you make an informed decision for your long-term career path.

Skills & Competency Roadmap for Professional Development

To remain competitive in Professional Development, we recommend focusing on the following core competencies over the next 12-18 months:

• Technical Mastery: Deepen your expertise in the core tools and languages relevant to your field. For developers, this might be cloud architecture; for marketers, it might be data-driven attribution modeling.
• AI Augmentation: Learn how to leverage generative AI and automation tools to increase your productivity. Understanding how to integrate these technologies into your workflow is becoming a non-negotiable skill.
• Leadership & Strategy: Even in individual contributor roles, the ability to think strategically and lead projects from inception to completion is highly valued. Focus on stakeholder management and high-level project planning.
• Data Literacy: The ability to interpret data and use it to drive decisions is essential across all business functions. Familiarize yourself with data visualization and basic analytical concepts.

By investing in these areas, you not only prepare yourself for the role you are applying for today but also build a resilient foundation for the opportunities of tomorrow.

Apply via JobSetuu

Discover your next career milestone on JobSetuu. This Senior Information Security Specialist position is part of our commitment to bringing you the most relevant and high-impact job openings globally. At JobSetuu, we simplify your job search by aggregating premier listings and providing the tools you need to stand out. Don't miss the chance to elevate your professional journey—explore more opportunities and career insights on our platform today.