Experteer Overview
In this role you own and continuously improve our security governance program, including ISMS, policies, and risk management. You partner with engineering, product, and compliance teams to embed secure practices and ensure audit readiness. You will drive risk assessments, manage the risk register, and coordinate external audits. You’ll lead vendor risk and governance alignment across DevSecOps and cloud practices, shaping a secure engineering culture in a global, mission-driven environment.
Compensation / Incentives
• Own and continuously improve the ISMS, policies, and security governance lifecycle
• Act as trusted advisor to engineering, product, compliance, and customer-facing teams
• Lead security risk assessments and maintain the risk register with quarterly cycles
• Ensure regulatory and customer security compliance (ISO 27001:2022, CROE, GDPR); support hands-on configuration tasks
• Coordinate external audits and assessments for evidence readiness
• Lead vendor risk programs to strengthen supply chain resilience
• Review product/architecture changes for governance alignment and secure design
• Collaborate with Security Architect to integrate governance with DevSecOps and cloud security practices
Responsibilities
• At least 3 years in information security, risk, audit, or compliance
• Experience in regulated environments (FinTech, banking, payments, SaaS)
• Strong understanding of ISO 27001 and risk methodologies
• Knowledge of security controls (IAM, third-party risk, secure SDLC, cloud)
• Ability to challenge and support engineering teams constructively
• Excellent analytical, documentation, and problem-solving skills
• Fluent in English; German or Spanish is a plus
Key Requirements
• flexible compensation
• remote work options
• training and career development
• private health insurance
• canteen with diverse menu
• national/international team culture