Role Responsibilities: What you will do

Governance & Compliance

• Implement and maintain ISO 27001 and TISAX certifications.
• Own all compliance-related activities, including but not limited to:
  • Internal and external audit preparation and coordination.
  • Maintaining the Statement of Applicability (SoA) and evidence for controls.
  • Ensuring adherence to regulatory and contractual security requirements.
• Develop and maintain compliance documentation, policies, and procedures.

Incident & Continuity Management

• Lead security incident response and ensure proper documentation.
• Conduct root cause analysis and follow-up on corrective actions.
• Own the end-to-end BCP process, including but not limited to:
  • Maintain BCP documentation and ensure readiness through periodic BCP drills and readiness assessments.
  • Launch BCP in case of major incidents or disruptions.
  • Coordinate communication with stakeholders during BCP activation.

Risk Management

• Identify, assess, prioritize, and track security risks.
• Monitor timely execution of mitigation plans.
• Perform and review threat modelling for critical systems and processes.

Security Operations

• Oversee data classification and define retention periods.
• Support infrastructure hardening and application security initiatives.
• Maintain and enhance the security playbook AI model for incident response.

Testing & Assurance

• Plan and coordinate penetration testing and vulnerability assessments.
• Prioritize and follow up on mitigation of PEN test findings.

Customer & Stakeholder Support

• Act as a security and compliance subject matter expert for customer-facing teams.
• Respond to security questionnaires and RFPs.

Role Requirements: What you need to succeed

• Bachelor’s degree in Information Technology, Computer Science, or a related field.
• 4 – 6 years work experience in information security, compliance, or IT governance.
• Hands-on experience with ISO 27001 implementation and audits.
• Ideally, you have experience in TISAX requirements and automotive security standards.
• Strong understanding of risk management, threat modelling, and vulnerability management.
• Experience with penetration testing tools and methodologies.
• Knowledge of infrastructure hardening and application security best practices.
• Deep understanding of regulatory frameworks and audit processes.
• Experience maintaining compliance documentation and evidence.
• Excellent problem-solving and analytical skills.
• Strong verbal and written communication skills in English, German is a plus.
• Ability to work in a highly agile, fast-paced environment.

Why idealworks

• At idealworks, you will find an international working environment and become part of an experienced, open team where mutual trust counts. You will feel at home from the very first second!
• Experience a first-hand start-up feeling and flat hierarchies with varied and responsible tasks that you work on independently.
• Look forward to hybrid working model with 30 vacation days per year and various opportunities to balance your free time, family and job.
• For your commitment to helping us achieve our mission, you will not only be rewarded with appreciation, but also with above-average pay including a bonus scheme and an annual personal development budget.
• We offer exciting corporate benefits, an attractive company pension scheme and regular team events.
• Our modern office is easily accessible by public transport, bike and car and offers numerous catering options for relaxed lunch breaks with your team.
• Driven by our unique corporate culture, the five values "passion for results", "wellbeing", "personal growth", "trust" and "being and acting as one team" determine our daily actions and cooperation.

About us

As a forward-thinking deep tech company, idealworks has been enabling the future of logistics and industrial automation since November 2020. Its flexible, scalable robotics ecosystem, featuring the intelligent automation platform AnyFleet for seamless mobile robot integration, the CE-certified autonomous mobile robot (AMR) iw.hub, the simulation technology iw.sim, and the advanced robotics operating system iw.os, is reshaping intralogistics processes for companies globally. Emerging from its roots as a BMW Group spinoff, idealworks is committed to driving efficiency and operational optimization in a rapidly evolving automation landscape.