Giesecke+Devrient is a global company that offers security technologies, both in the physical and digital world. Every day, billions of people benefit from G+D innovations in their personal and business lives. We develop, manufacture, and distribute products and solutions for the safeguarding of payment processes, identities, connectivity, and data. At G+D Mobile Security, a world leader in secure telecommunications systems, we are looking for a highly skilled and proactive Security Manager Azure to join our agile team.
Key Responsibilities:
- Own and continuously improve our ISMS, policies, and security governance lifecycle.
- Act as a trusted advisor to engineering, product, compliance, and customer‑facing teams.
- Lead security risk assessments, maintain the risk register, and drive quarterly risk cycles.
- Ensure operational compliance with ISO 27001:2022, GSMA SAS, NIS-2 and customer security requirements, and provide hands-on support with configuration tasks.
- Coordinate external and internal audits and assessments, ensuring evidence readiness and smooth execution.
- Lead vendor risk programs that strengthen our supply chain resilience.
- Review product and architectural changes for governance alignment and secure design.
- Collaborate with the Security Architect to connect governance with DevSecOps and cloud practices.
- Own Azure security posture, govern Microsoft Defender for Cloud findings, Entra ID Conditional Access policies, Privileged Identity Management (JIT access), and quarterly access reviews.
- Support cross-platform governance tasks, policy alignment, and shared risk register entries covering AWS and Azure workloads.
- Enforce Zero Trust controls across cloud environments: continuous verification, least-privilege access, and RBAC/ABAC enforcement.
- Govern IaC and CI/CD pipeline security gates: review IaC templates for secrets management compliance, approve pipeline security controls, and validate rollback procedures.
- Produce structured assurance reporting for management: metrics tied to the risk register, control effectiveness, and remediation tracking for findings from Defender for Cloud and AWS Security Hub.
What You Bring:
- At least 5 years in information security, risk, audit, or compliance, with a minimum of 3 years in a similar role (security management, cloud security governance, or ISMS ownership), ideally in regulated environments (telecommunications, banking, payments, SaaS).
- Strong understanding of ISO 27001, risk methodologies, and modern security frameworks.
- Solid knowledge of security controls (IAM, third‑party risk, secure SDLC, cloud).
- Ability to challenge and support engineering teams constructively.
- Solid knowledge of Azure and AWS security controls.
- Practical understanding of Zero Trust architecture principles and shared responsibility models across IaaS, PaaS, and SaaS.
- Familiarity with IaC security practices: secrets management, pipeline approval workflows, and dependency vulnerability handling.
- Experience producing security assurance metrics and governance reports for senior stakeholders.
- Excellent analytical, documentation, and problem‑solving skills.
- Fluent English; German or Spanish is a plus.
- ISO 27001 Lead Implementer/Auditor, CISM, CISSP, CRISC, CCSP.
- AZ-500 (Microsoft Certified: Azure Security Engineer Associate).
- AWS Certified Security – Specialty.
- CCSK (Certificate of Cloud Security Knowledge).
- Familiarity with the Microsoft Cloud Security Benchmark (MCSB) or CIS Benchmarks for Azure/AWS.
- Culture and diversity: Join a people-oriented environment with different nationalities and a great team spirit, flat hierarchies (everyone speaks to everyone). Equal Opportunity Employer and LGBT+ friendly.
- Global Collaboration: Work collaboratively with stakeholders around the globe.
- Career Development: Benefit from continuous training, coaching, and talent development programs.
- Social Benefits: flexible compensation (transport tickets, training, private insurance), etc.
- Own canteen: take a break with our breakfast and lunch service: choose between a wide range of menus, salad desk, and sandwich service. Nicely priced!
- Work-Life Balance: Flexible working hours with the option for remote work (M-Th 8.30 – 17.30 and Fri 8.30 – 15.30; 3 days of remote work).
- Location: Sant Joan Despí. Easy communication by public transport.
The personal data you provide will be processed to manage your application in accordance with the GDPR and our Privacy Policy, available at Data Privacy | G+D.