Data Protection & Export Control Engineer m/f/d)

Mission Brief

You are the technical architect and auditor of our data sovereignty.

At Isar Aerospace, protecting our "Crown Jewels" from personal employee data to regulated rocket propulsion schematics is mission-critical. We are looking for a Data Protection & Export Control Engineer who bridges the gap between our Legal Team and external DPO, the Works Council, and our IT operations.

You are not a lawyer, but you work in close partnership with our Data Protection Office (DPO) and Legal team, taking their regulatory requirements and translating them into precise technical configurations for our IT systems. They define the "what" (Regulations). you define the "how" (Technical Solutions).

Your Role in Our Space Mission: 

• Translate Legal to Technical: Partner with our external DPO and Legal team to digest complex regulations (GDPR, Export Control/ITAR). Translate their written policies into hard technical specifications for IT (e.g., "Configure this specific regex for DLP," "Apply this encryption standard for Label X").
• Audit & Solution Design: You don't just find problems; you design the fixes. Act as the technical auditor for our enterprise systems. When you identify a gap, you provide with the exact technical configuration required to close it.
• Legacy Data Remediation: You won't just build for the future; you will fix the past. Lead the technical discovery and cleanup of legacy data repositories (e.g., old file servers), defining the migration, labelling, or deletion strategies for IT to execute.
• Secure the Engineering Stack: Extend data protection controls beyond Office documents to our core engineering environments (PLM, CAD, Git). Design solutions to protect rocket schematics without breaking the engineers' workflow.
• Partner with the Works Council: Serve as the technical voice in Works Council consultations. You will demonstrate how our security tools (like DLP or Insider Risk) are configured to respect employee privacy while ensuring security.
• Lifecycle Management Architect: You won't just protect data; you will define when it dies. Design and implement automated retention and deletion policies to ensure we don't hold data liability longer than necessary.
• Lead Data Protection Impact Assessments (DPIAs): Own the technical side of the DPIA process. You will assess new tools and processes, identify privacy risks and define mandatory technical mitigations before go-live.
• Enforce Export Control Boundaries: Design the technical segregation architectures required by BAFA and ITAR. You will define the access control models that IT implements to ensure restricted technical data never crosses a non-compliant border.
• Conduct Technical Audits: Act as the technical auditor. You will inspect the configurations applied by IT in our enterprise systems (Microsoft Purview, Netskope, Jira, etc.) to verify they match your specifications.

Qualification Checklist 

• Experience:  5+ years in Cybersecurity, IT Audit, or Compliance Engineering, with a specific focus on Data Protection
• Navigating Ambiguity: You don't just stop at "computer says no." When a regulation conflicts with a business goal, you find the creative technical solution that satisfies both.
• Technical Audit Expertise: You may not be a sysadmin, but you know exactly where to look in the admin console to verify a setting. You can audit configurations in Microsoft 365, SharePoint, and SaaS tools to prove compliance.
• DPIA Mastery: Proven experience conducting Data Protection Impact Assessments (DPIAs) for complex technical systems. You know how to identify privacy risks in software architecture and propose technical solutions.
• Deep Microsoft Purview Knowledge: You understand the capabilities and limitations of the Microsoft compliance stack (Sensitivity Labels, DLP, Insider Risk) well enough to design complex policies to implement.
• Export Control Fluency: Familiarity with the technical implications of Export Control regimes (German BAFA, US ITAR/EAR). You understand how to translate "US Eyes Only" into a SharePoint permission structure.
• Language: Fluent English is mandatory. German is a strong plus for reading local regulations.

Bonus Skills

• SASE Knowledge: Understanding of how SASE platforms (e.g., Netskope, Zscaler etc.) enforce data protection at the network edge.
• Certifications: CIPP/E or CIPM (Privacy) combined with technical audit certs like CISA or Microsoft SC-400.
• Digital Rights Management (DRM): Experience implementing technical rights management (e.g., Seclore, Microsoft RMS).

Benefits 

• Employee Participation Program: Share in our success through our virtual company share program
• 30 days of vacation: Enjoy the days off to relax and recharge
• Company pension plan: Secure your future with our company pension plan, featuring a 20% employer contribution after the probation period
• Subsidised lunch: Stay energised with delicious, subsidised lunches every day
• Public transport ticket: Commute with ease using a fully financed Deutschlandticket
• Sport Clubs membership: Stay fit with our sponsored sports club memberships (EGYM Wellpass)
• Individual learning allowance: Grow your skills with an individual learning budget granted after the probation period
• Childcare allowance: Receive a childcare allowance for your non-school-age children
• And Much More! Discover additional perks and benefits when you join our team        

Who we are

We are Isar Aerospace and we are at the forefront of New Space building a modern space business to enable faster, better and cheaper access to space.

Our mission is to help democratise space and use it for good in order to improve life on Earth now and for the future generations.

We are a fast-growing company aiming to provide sustainable and environmentally friendly launch solutions for small and medium-sized satellites and constellations into Low Earth Orbit. The company is privately funded by world-leading technology investors with strong commitment and support and our team is made of driven and talented people with a real passion for space innovation.

We're making rockets in a way that hasn't been done before disrupting a traditional industry. If you are up for the challenge, want to work on cutting-edge projects and be part of a team changing the world for better, come, join us and launch your career!

Want to find out more about us?

Visit www.isaraerospace.com