Since its foundation in 1925, the DEKRA promise has been to ensure the safety of human interaction with technology and the environment. DEKRA achieved revenues of around €3.1 billion in 2017. The company currently employs around 48,000 people in more than 60 countries on all five continents.

We have a clear and ambitious vision of the future. The vision for our 100th birthday in 2025 is to see DEKRA as the global partner for a safe world.
 

Within our Cybersecurity Hub, we are responsible for performing product security evaluations and certification processes for the most important manufacturers worldwide to help them in regulations and industry certification schemes compliance

A cybersecurity certification process is a formal conformity assessment that evaluates whether a product, process, or service meets specific security standards to protect against cyber threats. At DEKRA, we have a number of Certification bodies that operate under the rules of different schemes for the issuance of certificates for products, processes, or services; in particular, the European Union Common Criteria (EUCC) for ICT products certification, the eIDAS for Trusted Services Providers  or our private scheme for cryptographic modules certification under ISO/IEC 19790. Laboratories report review, Certification Decision, and Continuous Monitoring are the most important activities performed by a Certification Body when operating in a scheme. However, there are also additional key activities in the scheme lifecycle: development, accreditation, and maintenance of the corresponding Quality Management System. That is what this position is all about.

If you are a passionate about cybersecurity and ready to make a difference in protecting critical ICT products, if you are familiar with cybersecurity regulations and standards, if you think that certification could be a field in which to develop a professional career, we're looking for a dedicated position in charge of supporting our Certification Bodies activities and schemes, including their development, accreditation and operation to join our certification team.

You will be part of worldwide reference cybersecurity conformity assessment bodies (EUCC, ISO 19790 scheme, etc.) participating in international projects with top-tier customers (in different verticals (ICT products, automotive, IoT etc.) guaranteeing the security of their products and services. 
 
What will be your responsibilities?

•    Participate in all the activities related to the cybersecurity certification schemes life cycle: 
      o    Be involved in the development and maintenance of the CAB quality management system and specific procedures for the Conformity Assessment activities.
      o    CB´s Accreditation
      o    Certification activities
      o    Revision of the evaluation results and the verification of the evaluation technical report. 
      o    Surveillance and monitoring activities related to certified products.
      o    Vulnerability management and disclosure activities. 
      o    Be involved in the development and maintenance of the CAB quality management system and specific procedures for the Conformity Assessment activities.
•    Stay Up-to-Date with Standards and regulations: continuously monitor and stay informed about updates to the standards (Common Criteria, ISO 19790, ISO 21434, etc…) and other relevant regulatory frameworks (Cyber resilience Act, AI ACT, eIDAS & EUDI Wallet etc.) to ensure our certification practices reflect the latest industry requirements.
 

What do we expect from you?
•    At least 1 year of experience in the cybersecurity field.
•    Bachelor's degree or equivalent.
•    Familiar with information and communication technologies.
•    Familiar with concepts of cybersecurity evaluation and conformity assessment.
•    Familiar with the Quality assurance standards (ISO/IEC 17065 and ISO/IEC 17025).
•    Motivation to understand and apply the basics of the cybersecurity certification.
•    Strong motivation to work in diverse, international, and multidisciplinary teams, with a collaborative and proactive attitude.
•    Fluent in oral and written English.

Ideally, you’ll also have

•    Education: Computer Science, Telecommunication or equivalent Bachelor's degree.
•    Familiar with evaluation/certification/compliance processes.
•    Familiar with cryptography.
•    Familiar with Common Criteria: ISO/IEC 15408:2022.
•    Familiar with Auditing processes.
•    Cybersecurity Certifications: CISA, OSCP, CEH or similar.
•    Participation in tech communities or standards development groups.
 

What can we offer?

•    Work in an attractive multinational environment together with other top security experts.

•    Permanent contract. 
•    Flexible work model that allows the conciliation between personal and work life.
•    Intensive summer day and every Friday of the year.
•    Possibility of accessing restaurant vouchers, nursery vouchers, private medical insurance, and WellHub

•    Healthy snacks and free coffee in our offices. 

•    English lessons to increase your level if it is needed. 
•    Discounts on major brands: textiles, consumer goods, electronics, travel agencies.
•    Our employees have an opportunity to develop a career plan with access to different certification programs (internal and external) as well as participate in cybersecurity events within the community and engage in a learning culture and more!

Location:
•    Hybrid options near our Hub locations in San Sebastián de los Reyes (Madrid) / Málaga.

We offer you an excellent opportunity to grow and develop your career in a leading multinational organization. For more info about us or what we do, visit www.dekra.com.