Save job Share Apply

Compliance & Cybersecurity Specialist

Nissens Automotive A/S
Horsens

If you are motivated by strengthening cybersecurity, safeguarding critical data, and ensuring IT compliance in a complex, global environment, this role offers a unique opportunity to make a tangible impact. We are looking for a detail-oriented and proactive Compliance & Cybersecurity Specialist to join our IT organization at Nissens, a global company with a strong focus on security, compliance, and operational excellence.

In this role, you will work at the intersection of regulatory compliance and cybersecurity operations, collaborating closely with IT, security partners, and business process owners. You will play a key role in protecting information assets, supporting audits, strengthening security baselines, and ensuring compliance with international regulatory frameworks in a continuously evolving threat landscape.

Job Purpose

The Cybersecurity & Compliance Specialist ensures that security controls are effectively designed, implemented, monitored, and documented in line with regulatory requirements such as SOX and NIS2. The role is responsible for supporting and strengthening the organization’s cybersecurity posture and IT compliance framework, with major focus on SOX Compliance.

Working closely with IT teams, incident response providers, and business stakeholders, the role contributes to risk reduction, audit readiness, and continuous improvement of cybersecurity and compliance practices across the organization.

Job Responsibilities

Compliance & Governance

  • Maintain and continuously improve SOX NIS2 & ITGC procedures, policies, and control documentation.
  • Execute and support SOX ITGC and NIS2 IT controls, including access management, change management, and IT operations controls.
  • Perform vendor security and compliance reviews, including assessment of ISAE 3402 and similar assurance reports.
  • Support SOX and regulatory audits, including evidence preparation, walkthroughs, and auditor coordination.
  • Collect, validate, and maintain audit evidence, ensuring completeness, traceability, and audit readiness.
  • Drive follow-up and remediation of audit findings in collaboration with IT and process owners.

Cybersecurity & Security Operations

  • Plan, coordinate, and support security awareness training programs to strengthen security culture across the organization.
  • Monitor, investigate, and follow up on data exfiltration and DLP-related incidents, ensuring proper documentation and remediation.
  • Review and manage user access rights, including periodic access reviews and segregation of duties support.
  • Classify critical data and IT assets, ensuring appropriate protection measures are applied.
  • Stay current on cybersecurity trends, threat actors, and attack techniques, translating insights into actionable improvements.
  • Track, verify, and follow up on patching and remediation of identified vulnerabilities.
  • Monitor Threat Intelligence feeds and ensure appropriate follow-up on relevant findings.
  • Collaborate closely with the SOC team, reviewing reports, alerts, and recommendations.
  • Coordinate with the incident response partner and follow up on incident reports and corrective actions.
  • Ensure compliance with security baselines and hardening standards for:
    • End-user devices
    • Mobile devices
    • IoT devices

Professional Competencies

  • Strong knowledge of IT compliance frameworks and regulations, including SOX, ITGC and NIS2 with the ability to translate requirements into practical controls.
  • Hands-on experience maintaining policies, procedures, control narratives, process flows, and RACI models in an audit-ready state.
  • Experience executing and/or supporting SOX, ITGC controls, including:
    • Access management
    • Change management
    • IT operations controls
    • Periodic access reviews
  • Solid evidence management skills, including collection, validation, packaging, and traceability of audit artifacts.
  • Experience supporting audits, including walkthrough preparation, auditor communication, and remediation tracking.
  • Experience with third-party assurance reviews, including ISAE 3402 reports and follow-up on exceptions.
  • Strong understanding of data protection principles, including data classification, encryption, sensitivity labels, and DLP investigations.
  • Ability to collaborate on incident handling, including triage, coordination with SOC and IR partners, documentation, and lessons learned.
  • Knowledge of security baseline and hardening standards for endpoints, mobile, and IoT devices (e.g., CIS benchmarks).
  • Familiarity with security monitoring concepts, including logging, alerting, SIEM usage, and translating alerts into documented actions.
  • Strong communication skills, with the ability to explain cybersecurity and compliance requirements to both IT and non-technical stakeholders and ensure alignment on roles, responsibilities, and deadlines.

We Offer

At Nissens, you will join a global organization with a strong heritage, innovative mindset, and a clear commitment to security, quality, and compliance. We offer a stable and collaborative working environment where trust, responsibility, and development are key elements of our culture.

You will have the opportunity to work closely with international colleagues, security partners, and business stakeholders, contributing directly to the protection of our information assets and the robustness of our IT governance framework.

If you have any questions about the role, please contact our IT Manager, Jonas Larsen at jola@nissens.com.

Apply with QuickApply on Jobindex.

Apply