Cybersecurity Automation Engineer in Transporeon

Your Title: Cybersecurity Automation Engineer, GRC and Third Party Risk
Job Location: Ukraine - Remote
Our Department: Corporate Cybersecurity

Are you a cybersecurity professional with a developer's mindset? Do you look at manual, repetitive tasks and see opportunities for code and innovation?Join our Information Security team as a Cybersecurity Automation Engineer and revolutionize the way we manage risk! 

What You Will Do
You will leverage your programming skills and deep security knowledge to design, build, and maintain the automated workflows that form the backbone of our risk management strategy. You'll directly enhance efficiency, sharpen data accuracy, and dramatically scale our ability to secure the enterprise, including pioneering automated assessment strategies for high-stakes, third-party AI vendors. If you're ready to code security into the very DNA of the company and transform risk into a fully automated, scalable function, step forward and build the future with us.

Core Responsibilities: GRC Automation & Risk Engineering 

Automation & Integration Architect

• Design, develop, and maintain automated solutions for our GRC and TPRM lifecycle (vendor assessments, evidence collection, issue tracking).
• Build seamless, real-time data integration between the GRC platform and critical IT systems (e.g., scanners, asset inventory, cloud environments) using REST APIs.
• Automate data collection and normalization across various sources to power dynamic risk intelligence and executive reporting.
• Streamline internal audit functions by creating custom workflows for control testing and policy exception management.
• Drive continuous improvement by eliminating manual processes and reducing human error across all security functions.

Third-Party & AI Governance Engineering

• Develop technical solutions and scripts to automate the specialized risk assessment of third-party AI/ML models (data privacy, model integrity, security controls).
• Serve as the primary technical SME for the GRC team during complex vendor reviews and program evolution.
• Ensure automation tools are built and maintained using software development best practices (version control, documentation).
• Apply a unique blend of security and development skills to solve emerging challenges and special projects for the Information Security department.

What Skills and Experiences You Should Bring

• 3 years of experience in cybersecurity, information technology, or a similar field, with at least 2 years in a role with a significant scripting, development, or automation component.
• Proficiency in at least one scripting language, with Python strongly preferred (experience with PowerShell, Go, or similar languages is also valuable).
• Demonstrable proficiency in.NET framework.
• Demonstrated experience working with REST APIs to integrate disparate systems and automate data exchange.
• Solid understanding of core cybersecurity principles and GRC/TPRM frameworks (e.g., NIST CSF, ISO 27001, SOC 2).
• A builder's mindset with a passion for solving complex problems through elegant, automated solutions
• Proficiency in English