IT Systems & Compliance Administrator (ISO 27001 / TISAX / Infrastructure)

About useblocks

useblocks is redefining the future of engineering workflows by enabling “Engineering-as-Code.” From aerospace to automotive to medical, global leaders like BMW , Bosch , CARIAD and Mercedes-Benz trust our tools for safety-critical systems. Our open-source project, Sphinx-Needs , has grown to over 341,000 monthly downloads , setting the standard for documentation and traceability management.

Your Role

We are looking for a security-driven and process-oriented IT Systems & Compliance Administrator to take ownership of our internal infrastructure, toolchain qualification, and security certifications. You will play a central role in enabling trust for customers in highly regulated industries like automotive , aerospace , and medical systems by ensuring that everything we build and run is secure , compliant , and qualified .

You’ll work closely with both leadership and engineering to evolve our internal systems, achieve and maintain TISAX/ISO certifications, and guide customers through tool qualification processes that are critical for using our software in safety-critical contexts.

Key Responsibilities

• Lead and maintain IT compliance initiatives, especially TISAX , ISO 27001 , and ISO 27017 certifications.
• Manage internal IT operations across Linux , macOS , and Windows platforms—including secure configuration, user provisioning, and endpoint lifecycle management.
• Take ownership of Company IT Security as a holistic discipline: threat modeling, zero-trust access, encryption, and regular vulnerability assessments.
• Define and enforce security best practices across the organization, including email security , password managers , endpoint hardening , and employee onboarding/offboarding workflows .
• Design and implement secure CI infrastructure, including hardened CI nodes for building qualified software artifacts.
• Build and manage secure, privacy-first environments for BYOD , VPNs , and remote-first operations.
• Define and execute toolchain qualification strategies (e.g., for ISO 26262, ASPICE environments) in collaboration with engineering and product.
• Maintain clear, audit-ready documentation for all compliance and security systems.
• Conduct regular risk assessments , design incident response workflows, and lead security awareness efforts across the team.
• Collaborate with external auditors, enterprise customers, and technology partners on infrastructure, compliance, and security topics.

Who You Are

• Proven experience in IT operations, system hardening, and compliance in regulated environments.
• Hands-on expertise with system administration across Linux, Windows, and macOS.
• Deep understanding of TISAX , ISO 27001 , ISO 27017 , and ideally ISO 26262 / tool qualification.
• Familiarity with infrastructure-as-code, VPN/Firewall configuration, and CI/CD tooling.
• Excellent documentation habits and a structured approach to audits, checklists, and process design.
• Fluency in English required; German is a plus.

Soft Skills

• Highly structured, reliable, and calm under pressure
• You enjoy creating clarity in complex, high-responsibility areas
• Collaborative across technical and non-technical teams
• Security mindset with empathy for developer workflows
• Committed to transparency, trust, and continuous improvement

Why Join Us?

• Help shape the IT and compliance backbone of a fast-growing dev tooling company
• Work at the intersection of open-source , developer productivity , and safety-critical industries
• Collaborate with elite automotive and aerospace customers on compliance and audits
• Influence tool qualification practices for widely adopted OSS like Sphinx-Needs
• Flexible work culture with high autonomy and strong values
• Competitive salary based on experience and impact

How to Apply

Sound like your kind of mission? Send us your CV and a short note about your background to career@useblocks.com