Open to GRC roles · Berlin / DACH

Bernd Janzen

GRC Analyst | Governance, Risk & Compliance | Security Operations

I build compliance baselines that hold up in practice — EU AI Act, GDPR, and NIST CSF 2.0 — and automate the evidence work with Python. Most recently at Panos.ai, where I mapped 47 compliance elements across three frameworks for an AI startup.

Role
GRC Analyst
Frameworks
EU AI Act · GDPR · NIST CSF 2.0
Certification
CompTIA Security+
Status
Available — Berlin, DACH

Background & Skills

GRC Analyst based in Berlin. At Panos.ai I built the EU AI Act and GDPR compliance baseline for an AI startup: risk classification, GPAI documentation, RoPA, and core policies — and mapped 47 compliance elements across NIST CSF, GDPR, and the EU AI Act.

I automate compliance work with Python — most recently extracting GCP asset inventory (133 resources) and mapping it to the NIST CSF ID.AM schema. That builder's approach comes from a full-stack web development background (CareerFoundry), and today it means directing AI coding agents through working pipelines and validating what they produce against real data.

CompTIA Security+ certified, completed the Masterschool cybersecurity program (May 2025 – Jul 2026). My background includes an IHK EDV-Kaufmann qualification (1993) and IT support work in the 1990s. Native German speaker.

Status record Rev. 2026-07
Role grc-analyst
Last post GRC / Compliance Intern, Panos.ai (May – Jul 2026, completed)
Location Berlin, Germany
Open to GRC & compliance roles (DACH) · security operations as secondary interest
Compliance & Frameworks
EU AI Act GDPR NIST CSF 2.0 ISO 27001:2022 NIS2 OWASP
Compliance Automation
Python GCP Cloud Asset Inventory Vertex AI pgvector Bash
Security & Monitoring
Wazuh SIEM Splunk Wireshark Nmap Snort IDS Kali Linux
Networking
TCP/IP DNS / DHCP pfSense VLANs VPN

Projects

Certifications

CompTIA Security+
CompTIA · Jan 2026
Cybersecurity Program
Masterschool · Jul 2026
Eramba Risk & Compliance Management
Eramba · May 2026
Google Cybersecurity
Google / Coursera · Jun 2026
Google IT Support
Google / Coursera · Oct 2025
Full-Stack Web Dev
CareerFoundry · Apr 2024
EDV-Kaufmann (IHK)
IHK · 1993

Let's connect

Open to GRC & compliance roles in the DACH region — and to cybersecurity conversations.