Apply now »

Security Manager Azure

Location: 

Sant Joan Despí (BCN), ES

Stellen-ID:  27349

G+D makes the lives of billions of people around the world more secure. We create trust in the digital age with integrated security technologies in three business areas: Digital Security, Financial Platforms and Currency Technology. We have been a reliable partner for our customers for over 170 years with our innovative solutions for SecurityTech! We are an international technology group and traditional family business with over 14,000 employees in 40 countries. Creating Confidence is our path to success. Trust is the basis of our co-operation within G+D. 

We are the reliable partner for all challenges resulting from the Internet of Things. We offer a complete connectivity portfolio for mobile network operators, automotive manufacturers, technology companies such as chip and module manufacturers as well as transport and logistics providers. Our portfolio includes highly secure solutions in the area of connectivity & IoT, from classic SIM, eSIM and iSIM, to the associated embedded operating systems and life cycle management, through to services for global connectivity and IoT solutions. Do you want to actively shape the digital transformation with us?
 

Giesecke+Devrient is a global company that offers security technologies, both in the physical and digital world. Every day, billions of people benefit from G+D innovations in their personal and business lives. We develop, manufacture, and distribute products and solutions for the safeguarding of payment processes, identities, connectivity, and data.

 

At G+D Mobile Security, a world leader in secure telecommunications systems, we are looking for a highly skilled and proactive Security Manager Azure to join our agile team.

 

 Key Responsibilities 

 

  • Own and continuously improve our ISMS, policies, and security governance lifecycle. 

  • Act as a trusted advisor to engineering, product, compliance, and customer‑facing teams. 

  • Lead security risk assessments, maintain the risk register, and drive quarterly risk cycles. 

  • Ensure operational compliance with ISO 27001:2022, GSMA SAS, NIS-2 and customer security requirements and support hands-on with configuration tasks. 

  • Coordinate external and internal audits and assessments, ensuring evidence readiness and smooth execution. 

  • Lead vendor risk programs that strengthen our supply chain resilience. 

  • Review product and architectural changes for governance alignment and secure design. 

  • Collaborate with the Security Architect to connect governance with DevSecOps and cloud practices. 

  • Own Azure security posture, govern Microsoft Defender for Cloud findings, Entra ID Conditional Access policies, Privileged Identity Management (JIT access), and quarterly access reviews. 

  • Support on cross-platform governance tasks, policy alignment, and shared risk register entries covering AWS and Azure workloads. 

  • Enforce Zero Trust controls across cloud environments: continuous verification, least-privilege access, and RBAC/ABAC enforcement. 

  • Govern IaC and CI/CD pipeline security gates: review IaC templates for secrets management compliance, approve pipeline security controls, and validate rollback procedures. 

  • Produce structured assurance reporting for management: metrics tied to the risk register, control effectiveness, and remediation tracking for findings from Defender for Cloud and AWS Security Hub. 

 

 

What You Bring: 

 

  • At least 5 years in information security, risk, audit, or compliance, with a minimum of 3 years in a similar role (security management, cloud security governance, or ISMS ownership), ideally in regulated environments (telecommunications, banking, payments, SaaS). 

  • Strong understanding of ISO 27001, risk methodologies, and modern security frameworks. 

  • Solid knowledge of security controls (IAM, third‑party risk, secure SDLC, cloud). 

  • Ability to challenge and support engineering teams constructively. 

  • Solid knowledge of Azure and AWS security controls. 

  • Practical understanding of Zero Trust architecture principles and shared responsibility models across IaaS, PaaS, and SaaS. 

  • Familiarity with IaC security practices: secrets management, pipeline approval workflows, and dependency vulnerability handling. 

  • Experience producing security assurance metrics and governance reports for senior stakeholders. 

  • Excellent analytical, documentation, and problem‑solving skills.  

  • Fluent English; German or Spanish is a plus. 

 

  

Nice to Have 

  • ISO 27001 Lead Implementer/Auditor, CISM, CISSP, CRISC, CCSP. 

  • AZ-500 (Microsoft Certified: Azure Security Engineer Associate). 

  • AWS Certified Security – Specialty. 

  • CCSK (Certificate of Cloud Security Knowledge). 

  • Familiarity with the Microsoft Cloud Security Benchmark (MCSB) or CIS Benchmarks for Azure/AWS. 

 

 

What’s great about working with us:

  • Culture and diversity: Join a people oriented environment with different nationalities and a great team spirit, flat hierarchies (everyone speaks to everyone). Equal Opportunity Employer and LGBT+ friendly.

  • Global Collaboration: Work collaboratively with stakeholders around the globe.

  • Career Development: Benefit from continuous training, coaching, and talent development programs.

  • Social Benefits: flexible compensation (transport tickets, training, private insurance), etc.

  • Own canteen: take a break with our breakfast and lunch service: chose between a wild range of menus, salad desk, and sandwiches service. Nicely prices!

  • Work-Life Balance: Flexible working hours with the option for remote work (M-Th 8.30 – 17.30 and Fri 8.30 – 15.30; 3 days of remote work).

  • Location: Sant Joan Despí. Easy communication by public transport.

 

 

Privacy Notice

The personal data you provide will be processed to manage your application in accordance with the GDPR and our Privacy Policy, available at Data Privacy | G+D.

$$ We are an equal opportunity employer! We promote diversity in all its forms and create an inclusive work environment, free from prejudice, discrimination and harassment, in which all employees feel a sense of belonging. We warmly welcome all applications regardless of gender, age, race or ethnic origin, social and cultural background, religion, disability and sexual orientation. 

 $$ HR Team Spain $$ seleccion.gdi@gi-de.com $$ $$ $$ https://career5.successfactors.eu/career?company=gieseckede&career_job_req_id=27349&career_ns=job_application

We are an equal opportunity employer! We promote diversity in all its forms and create an inclusive work environment, free from prejudice, discrimination and harassment, in which all employees feel a sense of belonging. We warmly welcome all applications regardless of gender, age, race or ethnic origin, social and cultural background, religion, disability and sexual orientation.

We are looking forward to receiving your application!
Giesecke + Devrient Mobile Security TCD Iberia S.L.
Av. Baix Llobregat, 3, 5, 08970 Sant Joan Despí, B
www.gi-de.com/careers
IT_GROUP_MF_EUR_RUS_AUS_USA_CAN
My team is shaping the future of IoT security.
I’m proud of what we do:

Apply now »