The Information Security Team is responsible for information security governance, compliance, risk management, and audit readiness across the organization. We work closely with technical, legal, product, and business teams to ensure that security requirements are understood, implemented, documented, and continuously improved.
This role is suitable for someone who wants to grow in information security governance, audits, customer security assurance, risk management, and compliance frameworks such as ISO/IEC 27001, SOC 2, HIPAA, PCI DSS, NIS2, CRA, and others.
### Main Responsibilities
Support the implementation and maintenance of the company’s information security governance and compliance framework;
Assist with internal and external information security audits, including evidence collection and follow-up on findings;
Participate in security reviews and help track corrective actions;
Support business and technology initiatives by helping identify applicable information security and compliance requirements;
Help maintain information security documentation, policies, procedures, registers, and audit evidence;
Support customer security assurance activities, including security questionnaires, RFPs, and due diligence requests;
Collaborate with technical and business teams on improvements to information security processes and controls;
Support security awareness and training activities.
### Core Requirements
Basic understanding of information security principles and common compliance frameworks, such as ISO/IEC 27001, SOC 2, etc.;
Interest in information security governance, compliance, audits, and risk management;
Strong organizational skills and attention to detail;
Ability to communicate clearly with both technical and non-technical stakeholders;
Analytical mindset and ability to identify gaps, risks, and practical improvements;
Sense of ownership and ability to complete assigned tasks independently;
Willingness to learn, ask questions, and improve continuously;
Good written and verbal communication skills in English.
### Nice to Have
Previous experience supporting audits, risk assessments, customer security questionnaires, policy documentation, or compliance activities;
Familiarity with one or more security/compliance frameworks, such as ISO 27001, SOC 2, HIPAA, PCI DSS, NIS2, CRA, GDPR, or similar;
Understanding of SaaS environments, cloud services, specific topics like access management, incident management, vulnerability management, change management, etc.;
Relevant certification such as ISO 27001 Foundation, ISO 27001 Internal Auditor, Security+, or similar.
### Salary Range
Gross Salary: 2200 - 3700 EUR/Month
