Security & Compliance Lead (m/f/d)

Key Responsibilities

Security, Compliance & Governance Ownership

• Own the information security and product cybersecurity compliance frameworks (e.g. ISO 27001, IEC 62443).
• Contribute to the maintenance and evolution of ISO 9001 where it supports security, compliance, and continuous improvement.
• Translate regulatory, legal, and customer security requirements (e.g. NIS2, GDPR) into clear internal policies, processes, and expectations.
• Ensure security and compliance requirements are consistently understood and applied across the organization.
• Drive continuous improvement of security-related processes and governance.

Audits, Certifications & Evidence

• Prepare, coordinate, and support internal and external audits and certifications related to security, compliance, and applicable process standards (e.g. ISO 27001, IEC 62443, ISO 9001).
• Own evidence gathering and audit readiness across teams.
• Support teams in producing security-related documentation and review it form completeness and compliance, while teams remain the authors and owners of their product and technical documentation.
• Define and maintain tooling and processes to make compliance more scalable and less painful over time.
• Act as the primary point of contact for auditors and certification bodies on security topics.

Cross-Team Coordination & Accountability

• Work closely with software, hardware, embedded software, product, and IT teams to ensure compliance requirements are realistic, understood, and implemented.
• Clarify roles and responsibilities related to security and compliance across teams.
• Follow up on compliance actions and escalate when necessary.
• Help remove ambiguity around “who owns what” for security-related topics.

Customer & External Stakeholders

• Act as the main point of contact for customer-facing cybersecurity and compliance questions.
• Support customer security assessments, questionnaires, and assurance requests.

Profile We Are Looking For

• Solid technical background (software, embedded systems, infrastructure, or security) allowing you to understand architectures and technical constraints.
• Experience with security compliance, audits, or governance frameworks (e.g. ISO 27001, IEC 62443, or similar).
• Comfortable working with standards, documentation, evidence, and structured processes.
• Able to communicate clearly with both technical and non-technical stakeholders.
• Pragmatic mindset: able to balance compliance requirements with real-world constraints.

Nice to Have

• Experience in a B2B and/or regulated environment.
• Exposure to customer security assessments and certifications.
• Familiarity with tooling used for compliance, documentation, or risk tracking.
• Certifications related to security governance, compliance, or process frameworks (e.g. ISO 27001 implementer/auditor, IEC 62443, ISO 9001).
• We value practical experience and are open to supporting relevant certifications when needed for audit or compliance purposes.

Why This Role

• You’ll have real ownership of security compliance in a growing company.
• You’ll work directly with the CEO and leadership team.
• You’ll help turn compliance from a recurring pain point into a strength.
• You’ll have the autonomy to structure and improve how things are done.
• You’ll work closely with strong software, hardware, and embedded teams — without being expected to replace them.