Security Compliance Specialist

At Trezor , security isn’t a checkbox. Security has always been at the core of what we do . From day one, we understood the risks of weak security practices. That’s why we didn’t just follow standards — we helped define them. We introduced the first hardware wallet and pioneered widely adopted security features such as Recovery seeds , Passphrases , and Shamir Backup — all of which contributed to our global success. We’re now looking for a Security Compliance Specialist who will help us strengthen and scale our cybersecurity and compliance framework, particularly in light of evolving regulations such as NIS2 and CRA . This is a cross-functional role with real impact. You’ll collaborate across teams and actively shape how security and compliance operate in a growing tech company — without the bureaucracy of a large corporation. If you’re looking for a role where compliance is practical, meaningful, and closely tied to real-world security, keep reading. 👉 What You'll Do Rather than owning just one narrow domain, you’ll support multiple areas of security and compliance: Supply Chain Security: Conduct assessments of IT systems supply chain risks, focusing on cybersecurity aspects Develop and enforce security standards and protocols for suppliers Monitor and evaluate the cybersecurity practices of suppliers and partners Access Management (mostly for cloud-based SaaS applications): Support the design and implementation of access control policies and procedures, ensuring that employees have access only to the resources necessary for their roles Participate in the user account management, including setting up, modifying, and revoking access as needed Support regular access reviews to ensure compliance with the least-privilege principles Testing & Auditing : Coordinate and execute regular security and compliance audits Analyze audit and test results to identify vulnerabilities and non-compliance issues Recommend and follow up on corrective actions to address identified weakn