Information Security Compliance Engineer
<h3><strong>About the role</strong></h3><p>We are looking for an Information Security Compliance Engineer to join our Quality & Compliance team. You will support the development of our security framework, internal audits, and client-facing compliance activities, ensuring alignment with international standards and regulations.</p><p></p><h3><strong>Tech stack:</strong></h3><ul><li><p>ISO/IEC 27001 (ISMS)</p></li><li><p>TISAX / VDA ISA</p></li><li><p>GDPR</p></li><li><p>NIS2</p></li><li><p>ISO-based management systems (e.g., ISO 9001)</p></li></ul><p></p><h3><strong>Requirements:</strong></h3><ul><li><p>2–4 years of experience in information security / compliance / risk (IT environment preferred)</p></li><li><p>Practical knowledge of ISO/IEC 27001 (ISMS, audits, controls, corrective actions)</p></li><li><p>Good understanding of GDPR and data protection</p></li><li><p>Familiarity with NIS2</p></li><li><p>Ability to assess security controls (governance perspective)</p></li><li><p>Very good English (spoken and written)</p></li><li><p>Strong analytical skills and attention to detail</p></li><li><p>Ability to communicate clearly with technical and non-technical stakeholders</p></li><li><p>Self-driven mindset and ability to manage multiple topics independently</p></li><li><p>Professional approach, high integrity, and attention to confidentiality</p></li></ul><p></p><h3><strong>Nice to have:</strong></h3><ul><li><p>Experience using AI tools in day-to-day workflows</p></li><li><p>Experience with TISAX / VDA ISA</p></li><li><p>Knowledge of ISO 9001 or similar</p></li><li><p>ISO 27001 Lead Auditor or CISA certification</p></li><li><p>Experience in consulting roles</p></li></ul><p></p><h3><strong>Project description:</strong></h3><p>You will join an independent <strong>Quality & Compliance</strong> function and help maintain and develop the organization’s information security compliance framework.
The role includes internal assurance work (e.g., internal audits and continuous improvement) and client-facing activities (e.g., customer audits, security questionnaires, and due diligence). You will act as a trusted advisor for both internal stakeholders and external clients, providing clear and actionable guidance on security and compliance topics.</p><p></p><h3><strong>Main responsibilities:</strong></h3><ul><li><p>Maintain and improve ISMS (ISO 27001, TISAX)</p></li><li><p>Support internal and external audits</p></li><li><p>Identify compliance gaps and track improvements</p></li><li><p>Create and update policies, standards, and procedures</p></li><li><p>Support GDPR, NIS2, and other regulatory requirements</p></li><li><p>Assist with customer audits and security questionnaires</p></li><li><p>Provide basic advisory support to clients</p></li><li><p>Conduct high-level security and compliance assessments</p></li></ul>