Cybersecurity GRC & AI Governance Expert

External

Suse · Emea, Czechia

Full-timeRemoteToday

ComplianceKubernetesLinuxRisk ManagementSOC 2

Cover Letter Connect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

About the role

SUSE is a global leader of enterprise open source software. By transforming community innovations into secure, sovereign and AI-ready solutions, SUSE empowers customers to escape vendor lock-in and regain control of their IT destiny. Through industry-leading Linux, Kubernetes, Edge and AI infrastructure solutions, SUSE delivers the flexibility to innovate everywhere-from the data center to multi-cloud and out to the edge. Only SUSE also manages many Linux and Kubernetes distributions. At SUSE, Choice Happens because we prioritize community, interoperability and relentless innovation. Discover how we power mission-critical resilience at www.suse.com . Cybersecurity GRC & AI Governance Expert Job Description Position Overview We are seeking a highly skilled Cybersecurity GRC & AI Governance Expert to join our fully remote Cybersecurity GRC team. In this cybersecurity role, you will support the execution and continual improvement of SUSE's global cybersecurity governance, risk management and compliance strategy. In addition, this position acts as the subject matter expert for AI Governance, anchoring the organisation's AI governance capability within the GRC function and ensuring that internal AI management and product integrations comply with emerging global regulations. The ideal candidate for this role possesses a strong background in traditional security frameworks (ISO 27001, SOC 2) alongside a practical understanding of AI risk management (ISO 42001, EU AI Act).

Responsibilities

Cybersecurity GRC

Governance & Policies: Develop, maintain and support implementation of SUSE ISMS policies, procedures and standards, working with control owners and accountable functions to ensure requirements are understood, implemented and evidenced.

Technical Control Management: Ensure governance policies are effectively translated into technical controls, driving the continuous improvement in this area.

Risk Management

Audit Facilitation: Coordinate and lead internal and external security audits. Serve as the primary point of contact for external auditors and track remediation plans for any identified gaps.

Security Awareness: Design and deliver security awareness initiatives to promote a culture of compliance.

GRC Engineering: Define and improve GRC and AI governance workflows, evidence models, dashboards and automation requirements. Partner with the Cybersecurity GRC Engineer to implement, configure and maintain tooling, integrations and automated workflows

GRC Platform Management: Maintain, configure, and optimize GRC platform

AI Management & Governance

AI Management System: Operationalize and maintain SUSE's AI Management System in alignment with the ISO/IEC 42001

Regulatory Compliance: In cooperation with the legal department, monitor and implement compliance of internal AI adoption, AI-enabled business processes, AI-enabled engineering workflows, AI-enabled or AI-related products with EU AI Act and other relevant global AI regulations.

AI Risk & Threat Modelling

Required Skills & Qualifications

Experience: 5+ years in Cybersecurity GRC and 3+ in AI Governance or related field

Regulatory & Standard Expertise: Deep knowledge of ISO/IEC 27001, ISO 42001 and SOC 2 frameworks. Comprehensive knowledge of current EU cybersecurity regulations (NIS2, CRA, DORA, EU AI Act)

Audit Experience: Experience managing end-to-end audit lifecycles.

AI Management Knowledge: Demonstrated understanding of AI concepts and the operational risks associated with deploying AI technologies in an enterprise environment

Technical Proficiency: Ability to collaborate effectively with Engineering, Security Operations and Security Architect teams.

Communication: Clear communication skills. Experience leading cross-functional initiatives across different technical/compliance teams is an advantage.

AI Efficiency: Demonstrated ability to effectively leverage and integrate AI tools into daily workflows

Open Source Knowledge: Familiarity with open-source software is an advantage

Cybersecurity Certifications are an advantage.

Actual compensation will be determined based on objective, non-discriminatory criteria including experience, skills, qualifications, geographical location, internal equity, and budget considerations. Bonus payments are subject to the terms of the applicable bonus plan and c

Cybersecurity GRC & AI Governance Expert

About the role

Responsibilities

Benefits

Your Match

Company Intel

What employees say

Interested in this role?