Apply now »

Your responsibilities:

  • conducting security assessments and control validation across products, systems and internal processes,
  • evaluating the effectiveness of technical and administrative security controls using frameworks such as ISO 27001, NIST 800-53, SOC2 and industry standards,
  • performing continuous assurance activities to maintain compliance with internal policies and external regulatory requirements,
  • identifying control gaps, preparing clear findings and tracking remediation activities,
  • supporting risk assessments by analyzing security risks and recommending mitigation strategies,
  • reviewing system architectures, data flows and configurations for assurance considerations,
  • providing expert input for security exception processes and risk treatment plans,
  • collaborating with engineering, IT, product security, procurement and operations to embed assurance requirements,
  • participating in design reviews, supplier risk evaluations and security improvement initiatives,
  • creating assurance reports, dashboards and metrics for leadership visibility,
  • analyzing trends from assessments and incidents to identify systemic improvement opportunities,
  • contributing to the development of security assurance strategy, processes and tooling.

Our requirements:

  • bachelor’s degree in Information Security, Computer Science, IT or a related field (or equivalent experience),
  • 3+ years of experience in security assurance, security compliance, audit, risk management or technical security roles,
  • strong understanding of security frameworks such as IEC 62443, ISO 27001, NIST CSF, NIST 800-53, SOC 2 and CIS Controls,
  • experience conducting assessments, validating controls or supporting security audits,
  • ability to interpret technical architectures, security controls and risk impacts,
  • excellent communication skills, with the ability to translate technical findings into clear, actionable guidance,
  • strong analytical and problem‑solving skills with high attention to detail.

Optional:

  • certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Auditor/Implementer or Security+,
  • experience in regulated industries such as automotive, critical infrastructure, financial services, cloud or manufacturing,
  • familiarity with secure development practices, cloud security or product security assurance,
  • experience with GRC or assurance tools such as Archer, ServiceNow GRC, OneTrust or Drata.

We offer:

  • stable employment and long‑term career growth,
  • annual bonus up to 10% of your annual gross base salary,
  • flexible hours (start between 7:00 and 9:30 a.m.),
  • hybrid work model,
  • private healthcare (upgrade options and family add‑ons),
  • subsidized Multisport membership,
  • partial funding for professional training,
  • life insurance,
  • vacation allowance,
  • benefit points through the MyBenefit platform,
  • access to company events,
  • a comprehensive, role‑specific training program,
  • opportunities for development and upskilling,
  • a friendly culture and supportive team,
  • additional bonuses and recognition awards.

Apply now »