Company Description

Do you want beneficial technologies being shaped by your ideas? Whether in the areas of mobility solutions, consumer goods, industrial technology or energy and building technology - with us, you will have the chance to improve quality of life all across the globe. Welcome to Bosch.

Job Description

We are looking for a Senior Security Specialist to lead security governance efforts across PT and strengthen our cloud security posture, especially in Microsoft Azure environments.

Our ideal candidate has a strong foundation in security governance (e.g., frameworks, policies, vulnerability management) and working experience with cloud security. However, we are also open to experienced cloud security experts who are eager to expand into governance and compliance responsibilities.

This role is critical in aligning security strategy with business and regulatory requirements, supporting secure cloud operations, and collaborating with both internal stakeholders and external security consultants.

Key Responsibilities

Security Governance (Primary Focus)

► Define and implement the department’s security governance strategy, aligned with internal policies and industry standards (e.g., NIST CSF, ISO 27001).
► Coordinate vulnerability management programs, including prioritization, remediation tracking, and risk reporting.
► Oversee the development and enforcement of security policies, standards, and procedures.
► Support compliance audits and risk assessments, translating technical risks into business terms.

Cloud Security (Secondary Focus / Optional Priority)

► Collaborate with cloud teams to enhance Azure security posture, implement controls, and maintain visibility.
► Contribute to secure configuration and management of Azure services, including Defender for Cloud, Sentinel, Azure Policy, RBAC, PIM, and monitoring tools.
► Provide guidance during cloud security incidents and support incident response coordination and root cause analysis.
► Support security by design in cloud-based projects and deployments.

Communication

► Serve as a bridge between security consultants, engineering teams, and business stakeholders.
► Resolve incidents, especially those involving cloud platforms or external threats.
► Present complex security topics clearly to both technical and non-technical audiences.
► Support a culture of continuous improvement, risk awareness, and accountability in security practices.

Qualifications

Must-Have

• Proven experience in security governance, including:
  • Policy and control frameworks (e.g., NIST CSF, ISO 27001)
  • Vulnerability management lifecycle
  • Risk management and compliance
• Working knowledge or hands-on experience with Azure or other public cloud.
• Ability to coordinate cross-functional teams (incl. external vendors)
• Familiarity with web application and API security (e.g., OWASP Top 10, secure coding practices).

Nice to Have / Alternate Profiles

• Deep Azure cloud security expertise, ideally with experience in cloud security design, implementation, and tooling.
• Experience with DevSecOps, cloud-native security tooling, or automation of cloud security controls.
• Background in incident response in hybrid or cloud-native environments.

Education:

• Bachelor’s degree in Computer Science, Information Technology, or a related field;

Certifications (Preferred, Not Required)

• AZ-500 – Microsoft Azure Security Engineer Associate
• SC-100 – Microsoft Cybersecurity Architect Expert
• CISSP, CCSP, or similar security governance certifications