Digital jobs in United States

Hybrid from our Hub locations in Madrid / Málaga or remote.

Cybersecurity Hub – Certification.

Full-time, Permanent.

Since its foundation in 1925, the DEKRA promise has been to ensure the safety of human interaction with technology and the environment. The company currently employs around 48,000 people in more than 60 countries on all five continents.

We have a clear and ambitious vision of the future. The vision for our 100th birthday in 2025 is to see DEKRA as the global partner for a safe, secure, and sustainable world.

At DEKRA, within our Cybersecurity Hub, we lead global security certification efforts for some of the world\'s most critical ICT products and services. As a Senior EUCC Certifier, you will be instrumental in managing cybersecurity certification processes under the European Union Common Criteria (EUCC) framework. This role places you at the heart of a world-renowned Certification Body and Common Criteria laboratory, recognized for its technical excellence and global impact.

This is a unique opportunity for a Common Criteria expert who also brings strong experience in certification principles, certification schemes management, and quality assurance under standards such as ISO / IEC 17065 and ISO / IEC 17025. You will work with international clients, regulators and standardization organisms, influence certification policies, and help shape the future of secure ICT products in Europe.

• You will be responsible for the following core activities :
• Lead and manage EUCC certification projects: ensure full compliance with EUCC scheme requirements from initiation to final certification decision.
• Technical oversight : review laboratory evaluation reports, assess conformance with ISO / IEC 15408 and ISO / IEC 18045, and verify certification deliverables.
• Decision-making : issue, suspend, or withdraw certifications as appropriate based on structured evidence and certification criteria.
• Quality system leadership: operate and maintain the QMS of the Certification Body in alignment with ISO / IEC 17065 and regulatory State of the Art documents. Contribute to internal audits, procedural updates, and policy improvements.
• Supervision and mentoring: support and oversee junior certifiers and trainees in their professional development.
• Customer and regulatory interface: serve as a trusted liaison with clients and national / EU authorities, ensuring certification activities are aligned with regulatory expectations.
• Continuous surveillance and conformity activities: monitor certified products, approved labs, and certificate holders to ensure ongoing compliance.
• Vulnerability disclosure coordination: participate in vulnerability handling and disclosure processes for certified products with manufacturers and national cybersecurity certification authorities.
• Training and knowledge dissemination: lead internal training and client awareness sessions on EUCC and certification best practices.
• Participation in standardization and technical communities: contribute to certification schemes, technical domains, and standards development initiatives (e.g., cPPs, EUCC workgroups).
• Extended Responsibilities and Professional Growth Opportunities: Contribute to the development and maintenance of certification schemes beyond EUCC, including the definition of security requirements, evaluation methodologies, and conformity assessment processes in line with applicable regulations (e.g., CRA, eIDAS, EUDI Wallet).
• Support the design, implementation, and continual improvement of Quality Management Systems for Conformity Assessment Bodies (CABs), in compliance with international standards such as ISO / IEC 17065 and ISO / IEC 17025.
• Participate in accreditation processes and provide technical expertise to extend or establish CAB accreditations under different regulatory frameworks and certification domains.

• Minimum 5 years of professional experience in cybersecurity evaluation and certification.
• At least 3 years of direct experience in Common Criteria certification or evaluation (Mandatory).
• Proven expertise in ISO / IEC 15408 : 2022 and ISO / IEC 18045 : 2022.
• Common Criteria evaluations (covering various technologies such as software, OS, hardware, etc.).
• EUCC scheme operation and documentation requirements.
• Strong understanding of certification principles: impartiality, repeatability, comparability, and traceability.
• In-depth knowledge of quality and accreditation standards: ISO / IEC 17065 and ISO / IEC 17025.
• Proven ability to work with or manage CABs, laboratories, and regulators within structured conformity assessment frameworks.
• Bachelor\'s degree in Computer Science, Telecommunications, or equivalent technical field.
• Professional fluency in English (spoken and written).
• Autonomous working style, high level of professionalism, and strong project management and analytical skills.

• Participation in European and international technical groups (e.g., SOG-IS, CCUF, cPP development, ENISA working groups, etc.).
• Experience in scheme development, certification policy, or regulatory advisory roles.
• Relevant cybersecurity certifications such as CISA, OSCP, CEH, or equivalent.

• Competitive salary and benefits package.
• Career path in cybersecurity certification and access to internal / external training programs.
• Work in a collaborative, international, and technically advanced environment with high-impact projects.
• Participation in leading cybersecurity conferences and community events.
• Hybrid or remote working options.
• Flexible work model that allows the conciliation between personal and work life.
• Intensive summer days and every Friday of the year.
• Possibility of accessing restaurant vouchers, nursery vouchers, and private medical insurance.
• Discounts on major brands : textiles, consumer goods, electronics, travel agencies.