Security Assurance Specialist (f/m/d)

Knorr-Bremse

Krakow am See · Hybrid · Yesterday

About the role

Responsibilities

  • Conducting security assessments and control validation across products, systems and internal processes.
  • Evaluating the effectiveness of technical and administrative security controls using frameworks such as ISO 27001, NIST 800-53, SOC 2 and industry standards.
  • Performing continuous assurance activities to maintain compliance with internal policies and external regulatory requirements.
  • Identifying control gaps, preparing clear findings and tracking remediation activities.
  • Supporting risk assessments by analyzing security risks and recommending mitigation strategies.
  • Reviewing system architectures, data flows and configurations for assurance considerations.
  • Providing expert input for security exception processes and risk treatment plans.
  • Collaborating with engineering, IT, product security, procurement and operations to embed assurance requirements.
  • Participating in design reviews, supplier risk evaluations and security improvement initiatives.
  • Creating assurance reports, dashboards and metrics for leadership visibility.
  • Analyzing trends from assessments and incidents to identify systemic improvement opportunities.
  • Contributing to the development of security assurance strategy, processes and tooling.

Requirements

  • Bachelor’s degree in Information Security, Computer Science, IT or a related field (or equivalent experience).
  • 3+ years of experience in security assurance, security compliance, audit, risk management or technical security roles.
  • Strong understanding of security frameworks such as IEC 62443, ISO 27001, NIST CSF, NIST 800-53, SOC 2 and CIS Controls.
  • Experience conducting assessments, validating controls or supporting security audits.
  • Ability to interpret technical architectures, security controls and risk impacts.
  • Excellent communication skills, with the ability to translate technical findings into clear, actionable guidance.
  • Strong analytical and problem‑solving skills with high attention to detail.

Optional

  • Certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Auditor/Implementer or Security+.
  • Experience in regulated industries such as automotive, critical infrastructure, financial services, cloud or manufacturing.
  • Familiarity with secure development practices, cloud security or product security assurance.
  • Experience with GRC or assurance tools such as Archer, ServiceNow GRC, OneTrust or Drata.

We Offer

  • Stable employment and long‑term career growth.
  • Annual bonus up to 10% of your annual gross base salary.
  • Flexible hours (start between 7:00 and 9:30 a.m.).
  • Hybrid work model.
  • Private healthcare (upgrade options and family add‑ons).
  • Subsidized Multisport membership.
  • Partial funding for professional training.
  • Life insurance.
  • Vacation allowance.
  • Benefit points through the MyBenefit platform.
  • Access to company events.
  • A comprehensive, role‑specific training program.
  • Opportunities for development and upskilling.
  • A friendly culture and supportive team.
  • Additional bonuses and recognition awards.

Skills

CIS Controls, CISSP, CISM, GRC, IEC 62443, Information Security, ISO 27001, NIST 800-53, NIST CSF, OneTrust, Product Security, Risk Management, ServiceNow GRC, Security+, ServiceNow, SOC 2
