Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Giesecke+Devrient

Security Manager – Azure

Giesecke+Devrient

Security Manager overseeing ISMS and security governance at G+D Mobile Security, ensuring compliance and managing vendor risks. Collaborating across teams to enforce secure cloud practices and Zero Trust controls.

Posted 6/23/2026full-timeSant Joan Despí • 🇪🇸 SpainMid-LevelSeniorWebsite

Tech Stack

Tools & technologies
AWSAzureCloudSDLC

About the role

Key responsibilities & impact
  • Own and continuously improve our ISMS, policies, and security governance lifecycle.
  • Act as a trusted advisor to engineering, product, compliance, and customer‑facing teams.
  • Lead security risk assessments, maintain the risk register, and drive quarterly risk cycles.
  • Ensure operational compliance with ISO 27001:2022, GSMA SAS, NIS-2 and customer security requirements and support hands-on with configuration tasks.
  • Coordinate external and internal audits and assessments, ensuring evidence readiness and smooth execution.
  • Lead vendor risk programs that strengthen our supply chain resilience.
  • Review product and architectural changes for governance alignment and secure design.
  • Collaborate with the Security Architect to connect governance with DevSecOps and cloud practices.
  • Own Azure security posture, govern Microsoft Defender for Cloud findings, Entra ID Conditional Access policies, Privileged Identity Management (JIT access), and quarterly access reviews.
  • Support on cross-platform governance tasks, policy alignment, and shared risk register entries covering AWS and Azure workloads.
  • Enforce Zero Trust controls across cloud environments: continuous verification, least-privilege access, and RBAC/ABAC enforcement.
  • Govern IaC and CI/CD pipeline security gates: review IaC templates for secrets management compliance, approve pipeline security controls, and validate rollback procedures.
  • Produce structured assurance reporting for management: metrics tied to the risk register, control effectiveness, and remediation tracking for findings from Defender for Cloud and AWS Security Hub.

Requirements

What you’ll need
  • At least 5 years in information security, risk, audit, or compliance, with a minimum of 3 years in a similar role (security management, cloud security governance, or ISMS ownership), ideally in regulated environments (telecommunications, banking, payments, SaaS).
  • Strong understanding of ISO 27001, risk methodologies, and modern security frameworks.
  • Solid knowledge of security controls (IAM, third‑party risk, secure SDLC, cloud).
  • Ability to challenge and support engineering teams constructively.
  • Solid knowledge of Azure and AWS security controls.
  • Practical understanding of Zero Trust architecture principles and shared responsibility models across IaaS, PaaS, and SaaS.
  • Familiarity with IaC security practices: secrets management, pipeline approval workflows, and dependency vulnerability handling.
  • Experience producing security assurance metrics and governance reports for senior stakeholders.
  • Excellent analytical, documentation, and problem‑solving skills.
  • Fluent English; German or Spanish is a plus.

Benefits

Comp & perks
  • Culture and diversity: Join a people oriented environment with different nationalities and a great team spirit, flat hierarchies (everyone speaks to everyone).
  • Equal Opportunity Employer and LGBT+ friendly.
  • Global Collaboration: Work collaboratively with stakeholders around the globe.
  • Career Development: Benefit from continuous training, coaching, and talent development programs.
  • Social Benefits: flexible compensation (transport tickets, training, private insurance), etc.
  • Own canteen: take a break with our breakfast and lunch service: chose between a wild range of menus, salad desk, and sandwiches service. Nicely prices!
  • Work-Life Balance: Flexible working hours with the option for remote work (M-Th 8.30 – 17.30 and Fri 8.30 – 15.30; 3 days of remote work).

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
ISO 27001risk assessmentsecurity governancecloud securityZero Trust architectureIaC securityCI/CD pipeline securitysecurity controlssecrets managementvendor risk management
Soft Skills
analytical skillsproblem-solving skillsdocumentation skillsconstructive supportcollaborationleadershipcommunicationtrust advisor