Information Security Compliance Engineer

Spyrosoft is seeking an Information Security Compliance Engineer to join their Quality & Compliance team, focusing on developing and maintaining the organization's information security compliance framework aligned with international standards and regulations.

• 2–4 years of experience in information security, compliance, or risk (preferably IT environment)
• Practical knowledge of ISO/IEC 27001 (ISMS, audits, controls, corrective actions)
• Good understanding of GDPR and data protection
• Familiarity with NIS2
• Ability to assess security controls from a governance perspective
• Very good English (spoken and written)
• Strong analytical skills and attention to detail
• Ability to communicate clearly with technical and non-technical stakeholders
• Self-driven mindset and ability to manage multiple topics independently
• Professional approach, high integrity, and attention to confidentiality

Nice to have:

• Experience using AI tools in daily workflow
• Experience with TISAX / VDA ISA
• Knowledge of ISO 9001 or similar
• ISO 27001 Lead Auditor or CISA certification
• Experience in consulting roles

• Maintain and improve ISMS (ISO 27001, TISAX)
• Support internal and external audits
• Identify compliance gaps and track improvements
• Create and update policies, standards, and procedures
• Support GDPR, NIS2, and other regulatory requirements
• Assist with customer audits and security questionnaires
• Provide basic advisory support to clients
• Conduct high-level security and compliance assessments