System Security Manager

The Frequentis Group is an international supplier of communication and information systems for control centres with safety-critical tasks. These 'Control Centre Solutions' are developed and distributed by Frequentis in the business segments Air Traffic Management (civil and military air traffic control, aeronautical information management, air defence) and Public Safety & Transport (police, fire and rescue services, emergency medical services, vessel traffic and railways). With headquarters in Vienna, the company employs more than 2300 people worldwide, with subsidiaries, regional offices and representatives in over 50 countries.

In Cluj we started in 2009 and our local team currently has 180+ colleagues and is growing. As part of our team, you will actively develop products in an international environment, where experienced people will help you further develop your skills and advance in your career.

Purpose of the Role

As a System Security Manager within the System Security Competence Centre (SSCC) Core Team—you will be responsible for ensuring that system security standards are defined, maintained, and effectively applied to all Frequentis products and projects. Through close collaboration with project, product, and operational teams, the System Security Manager supports the consistent, efficient, and compliant integration of system security best practices across the organization.

Key Tasks

Governance & Compliance

• Maintain, improve, and enforce existing system security standards and requirements for all Frequentis products, projects, and services.
• Develop, maintain and distribute new system security requirements to ensure ongoing compliance with ISO/IEC 27001, NIS2, CIS Controls/Benchmarks, and industry best practices.
• Monitor relevant changes in international system security standards, legislation, and accreditations, ensuring Frequentis remains compliant.
• Ensure that non-conformities are tracked, documented, and improvements are addressed or residual risks are accepted.
• Support the certification and continuous improvement of Frequentis AG's ISMS.

Support, Guidance & Enablement

• Provide guidance and enablement to the Project Security Manager in Delivery, Security Champions in Development and collaborate closely with the security agents from the (Strategic) Business Units
• Conduct security risk assessments and evaluate vulnerability scans, reporting and communicating findings clearly to relevant stakeholders.
• Support the definition, implementation, and review of security concepts, risk assessments and technical security deliverables.
• Nice to have: Experience or knowledge of security tools (Static Application Security Testing (SAST) – SonarQube, Coverity, Software Composition Analysis (SCA) – BlackDuck, Dynamic Application Security Testing (DAST) – OWASP ZAP, Burp Suite Pro & Vulnerability Scanning – Nessus Pro)
• Secure Software Development Lifecycle (S-SDLC) Processes and principles e.g., OWASP SAMM

Security Testing & Assurance

• Coordinate and review penetration testing and vulnerability management activities for products.
• Lead or support security assessments (audits, reviews, tests) to ensure that Frequentis system security processes are applied and followed.

Training & Awareness

• Design and deliver security training programs and courses for Frequentis employees, fostering a culture of security awareness and best practice.
• Enable teams to integrate security into daily work through targeted enablement, coaching, and practical guidance.
• Organize and facilitate courses on a range of security technologies, standards, and practices, tailored to both technical and non-technical audiences.

Documentation & Continuous Improvement

• Own the definition and maintenance of the Frequentis System Security Standard, including policies, guidelines, processes, and baseline security requirements.
• Regularly review and update security documentation and templates to reflect evolving threats, technologies, and compliance requirements.
• Proactively identify areas for process optimization and drive improvements across system security processes.

Key Qualifications

Required Qualifications & Experience

• Education: Degree in Informatics, Computer Science, IT Security, or equivalent technical field.
• Certifications: Specialized security certifications (e.g., CISSP, CSSLP, ISO 27001, CompTIA Security+, Azure – SC-900, AZ-500) are an advantage.
• Experience: Several years of professional experience in IT or information security
• Application of IT security standards (ISO 27001/2, CIS, NIS2)

Skills & Competencies

• Strong organizational, communication, and stakeholder management skills
• Proactive, self-driven, and dynamic, with high personal initiative
• Analytical mindset, able to solve complex security problems and facilitate risk-based decision-making
• Team player, able to work effectively in global, cross-functional environments
• Ability to coach and mentor others, and promote security culture across diverse teams
• Fluency in English; additional languages are a plus
• Willingness to travel internationally (approx. 20%)

Our Values

Frequentis team is committed to creating a safer world with our innovative strength and technology orientation. At Frequentis Romania we are a family, while we value and work under a safety-critical mindset. We believe in courage and expertise, applied in everything we accomplish.