Information Security & Compliance Specialist

We are looking for a Security and Compliance Specialist to take ownership of our day-to-day security governance and compliance operations. This role supports ISO 27001, DORA readiness, the EU Data Act, customer security expectations, and our internal ISMS. You will work closely with IT and engineering but act as the primary coordinator and operator of our core security and compliance processes., * Monitor and track risk assessments, treatment plans, and ongoing control performance.

• Coordinate internal audits, management reviews, and quarterly control checks.
• Assist with incident response preparation, documentation, communication flows, and tabletop exercises.
• Support IT with vulnerability management, follow-ups, remediation tracking, and reporting.

Compliance Operations

• Prepare, organize, and maintain security framework (CIS, ISO 27001, etc>) evidence; ensure all controls remain audit-ready.

• Coordinate external audits and certification activities.

• Help maintain security and privacy documentation (policies, standards, procedures, guidelines).

• Support GDPR responsibilities, including:

• Maintaining ROPA

• Assisting with DPIA reviews

• Tracking privacy risks and mitigation measures

• Ensuring data retention, access, and deletion procedures are well-implemented

Support alignment with DORA and EU Data Act requirements as they evolve.

Ensure documentation, evidence, and processes remain aligned with EU regulatory expectations., * Help complete customer security questionnaires, due-diligence requests, and technical security responses.

• Maintain and operate the vendor risk management lifecycle: intake, screening, reviews, assessments, approvals, and periodic recertifications.
• Track third-party contracts to ensure security, privacy, and data-processing terms remain compliant.
• Assist CIO and IT to validate data transfer mechanisms and subprocessors., * Collaborate with IT to maintain data asset inventories and data flow records across environments.
• Support data governance documentation related to access, portability, transparency, and the data lifecycle.
• Assist with updates required by EU Data Act obligations (access rights, interoperability, data sharing).
• Support data classification efforts and help ensure data handling aligns with policy., * Act as a central coordination point for security-related projects, evidence gathering, and readiness activities.
• Provide support during customer escalations, compliance reviews, or security discussions.
• Help cultivate a strong internal culture of security and privacy awareness.

• 3-5 years in information security, IT governance, risk management, compliance, or privacy.
• Hands-on exposure to CIS, ISO 27001, SOC 2, GDPR, or internal audit environments.
• Experience supporting or operating compliance frameworks in SaaS or technology companies.
• Strong communication skills and the ability to work with technical and business teams.
• High attention to detail, structured execution, and exceptional follow-through.
• Fluent in English., * Certifications such as Security+, CIPP/E, CIPM, CEH, CC, CCSP, or similar.
• Experience with DORA, NIS2, or EU Data Act requirements.
• Prior involvement in audit preparation or security questionnaire programs.
• Familiarity with identity and access management, vulnerability management, or cloud security basics.
• Exposure to privacy engineering concepts or data governance tooling.

• A full-time job with a competitive salary package
• You are provided with the tools & flexibility to develop yourself successfully
• An international environment where you will interact with motivated & open colleagues from different backgrounds
• A workplace where you can share and implement your ideas
• A hybrid work policy, which helps guarantee an excellent work-life balance

At Guardsquare, we take pride in being a diverse and multicultural company with team members representing numerous nationalities. We value different perspectives and opinions throughout the business which has contributed to our being the market leader in mobile application security.

You will be part of a dynamic team that strives for excellence and focuses on continuous education and enhancement in skills. We encourage & empower our trusted colleagues to share their opinions, actively collaborate, and continue to learn and grow.

So, what are you waiting for? Join us!

Guardsquare offers the most complete approach to mobile application security on the market, delivering the highest level of protection in the easiest possible way. Guardsquare's software integrates seamlessly across the development lifecycle, from app security testing to code hardening to real-time visibility into the threat landscape. Guardsquare products provide enhanced mobile application security from early in the development process through publication. More than 900 customers worldwide across all major industries rely on Guardsquare to help them identify security risks and protect their mobile applications and SDKs against reverse engineering and tampering in the ever-evolving threat landscape. Guardsquare is headquartered in Leuven (Belgium) with offices in Boston, MA, (USA), Ghent (Belgium), and Munich (Germany).