Apply now »

Your responsibilities:

  • conducting security assessments and control validation across products, systems and internal processes,
  • evaluating the effectiveness of technical and administrative security controls using frameworks such as ISO 27001, NIST 800-53, SOC2 and industry standards,
  • performing continuous assurance activities to maintain compliance with internal policies and external regulatory requirements,
  • identifying control gaps, preparing clear findings and tracking remediation activities,
  • supporting risk assessments by analyzing security risks and recommending mitigation strategies,
  • reviewing system architectures, data flows and configurations for assurance considerations,
  • providing expert input for security exception processes and risk treatment plans,
  • collaborating with engineering, IT, product security, procurement and operations to embed assurance requirements,
  • participating in design reviews, supplier risk evaluations and security improvement initiatives,
  • creating assurance reports, dashboards and metrics for leadership visibility,
  • analyzing trends from assessments and incidents to identify systemic improvement opportunities,
  • contributing to the development of security assurance strategy, processes and tooling.

Our requirements:

  • bachelor’s degree in Information Security, Computer Science, IT or a related field (or equivalent experience),
  • 3+ years of experience in security assurance, security compliance, audit, risk management or technical security roles,
  • strong understanding of security frameworks such as IEC 62443, ISO 27001, NIST CSF, NIST 800-53, SOC 2 and CIS Controls,
  • experience conducting assessments, validating controls or supporting security audits,
  • ability to interpret technical architectures, security controls and risk impacts,
  • excellent communication skills, with the ability to translate technical findings into clear, actionable guidance,
  • strong analytical and problem‑solving skills with high attention to detail.

Optional:

  • certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Auditor/Implementer or Security+,
  • experience in regulated industries such as automotive, critical infrastructure, financial services, cloud or manufacturing,
  • familiarity with secure development practices, cloud security or product security assurance,
  • experience with GRC or assurance tools such as Archer, ServiceNow GRC, OneTrust or Drata.

We offer:

  • attractive salary and package,
  • creative and challenging work in an international environment,
  • interesting projects and development opportunities,
  • friendly atmosphere and team support,
  • attractive benefits package (e.g. private medical care, sports card, life insurance, language training, holiday allowance),
  • incentive programs.

Apply now »