
Introduction:

The ARGO-HYTOS Group is a globally operating provider of hydraulic system solutions. With around 1,000 employees and over 75 years of experience in control technology, regulation, and filtration, ARGO-HYTOS continues to set new standards in the hydraulics industry. The ARGO-HYTOS Group operates production companies in Germany, the Czech Republic, India, China, Poland, Brazil, and the USA, and is active worldwide through numerous international sales subsidiaries. Since August 2022, ARGO-HYTOS has been part of the Voith Turbo Division within the Voith Group.

For our team in Vrchlabí, Czech Republic, we are currently seeking a Security & Compliance Engineer (m/f/d).

Ensure that information security and compliance are not only documented but implemented and operated in the systems. The role combines ISMS/GRC ownership (risk, policies, audits, evidence) with hands-on security engineering (identity, endpoint, secure access, logging/monitoring, vulnerability management, incident support).

Your scope of responsibilities includes:

  • Own and improve the ISMS: policies/standards, risk register, treatment plans, evidence, and continuous improvement tracking.
  • Drive compliance and audits: coordinate internal/external audits; remediate, document and close findings.
  • Translate requirements into controls: implement technical measures and verify effectiveness.
  • Implement and operate core controls in Microsoft/Entra: MFA, Conditional Access, role-based access, privileged access practices, access reviews.
  • Operate endpoint security and hardening: EDR/EPP configuration, baseline policies, encryption, device compliance, remediation follow-up.
  • Act as primary contact for the Cyber Defence Center and its investigations; implement measures with the GroupIT team.
  • Support secure access patterns: SASE/VPN policy enforcement and secure connectivity.
  • Run vulnerability & patch management cycles: scanning coordination, remediation, exceptions and evidence.
  • Improve logging/monitoring: required logs, alert coverage, retention and audit trail.
  • Strengthen resilience: backup/restore security, recovery readiness, ransomware resilience (incl. restore testing evidence).
  • Support incident response: triage, containment coordination, recovery support, post-incident reviews and prevention actions.
  • Embed security into IT operations: integrate controls into change/release, operations and service management with pragmatic guardrails.
  • Report security posture proactively: KPIs (e.g., MFA coverage, device compliance, patch status, critical risks, restore-test success); escalate early and drive closure.

Your Profile:

  • Hands-on experience in IT security or M365/Entra administration.
  • Solid understanding of ISO 27001 concepts (risk-based approach, controls, evidence); audit support experience is a plus.
  • Technical depth in at least 3 areas: IAM, endpoint security, secure access, vulnerability management, logging/SIEM, backup/recovery.
  • Strong documentation skills (policies, procedures, operational runbooks, audit evidence).
  • Proactive working style: identify gaps, propose solutions, implement, and follow through.
  • Structured, persistent, delivery-oriented (“close gaps, don’t just report”).
  • Pragmatic communicator across IT and business.
  • Comfortable switching between audit readiness and technical troubleshooting.