What you'd actually do

Assist in performing security evaluations of new and existing vendors to ensure they meet Celonis’ security requirements.

Monitor the ongoing security posture of our third-party ecosystem for deficiencies and track remediation efforts.

Support the day-to-day management and configuration of our Governance, Risk, and Compliance (GRC) platform to streamline risk workflows.

Maintain high-quality data within our risk registers and vendor databases, ensuring all records are accurate, up-to-date, and audit-ready.

Help create and maintain internal records related to vendor audits and compliance checks (e.g., SOC2, ISO 27001).

Skills

Required

Currently enrolled in a Bachelor’s or Master’s program in Information Security, Business Informatics, or a related field.
Basic understanding of security and regulatory frameworks (e.g., ISO 27001, GDPR, or SOC 2).
An exceptional eye for detail and a value for correctness and efficiency.
Excellent problem-solving skills and the ability to communicate effectively in English.
A proactive mindset and the desire to work in a fast-paced, high-growth environment.
Must be currently based in or around Munich, Germany, and able to work on-site at our headquarters

Nice to have

A keen interest in how cloud-native environments (AWS, Azure, or GCP) manage security and compliance.
Experience with GRC tools or a passion for using automation to improve repeatable processes.

Celonis is the global leader in Process Intelligence and the pioneer of Process Mining technology. As one of the world’s fastest-growing enterprise SaaS companies, we are changemakers pushing the boundaries of what’s possible. We invest heavily in advanced AI capabilities—specifically our Process Intelligence Graph—to turn data insights into immediate business action. We believe there is a massive opportunity to unlock global productivity and sustainability by placing intelligence at the core of every business process. Join our mission to make processes work for people, companies, and the planet.

The Team: Our Global information security organization is responsible for security and trust. We think security offensively and defensively, continuously monitoring our global security posture and adapting to the ever-changing threat landscape. Within this org, the Trust team ensures that our people, platforms, and data remain secure from all forms of harm.

The Role: At Celonis, we believe that trust in our security, governance, and compliance is critical. As a Working Student for Third-Party Risk Management (TPRM), you will support the Security Risk Management team in ensuring our vendor ecosystem meets our high security standards. You will contribute to efforts that provide transparency to stakeholders and help maintain our security goals by evaluating the risk profiles of our partners. This role is a blend of analytical assessment, technical administration, and cross-functional collaboration.

T****he work you’ll do:

Third-Party Risk Assessments: Assist in performing security evaluations of new and existing vendors to ensure they meet Celonis’ security requirements.
Vendor Risk Monitoring: Monitor the ongoing security posture of our third-party ecosystem for deficiencies and track remediation efforts.
GRC Tool Administration: Support the day-to-day management and configuration of our Governance, Risk, and Compliance (GRC) platform to streamline risk workflows.
Data Integrity: Maintain high-quality data within our risk registers and vendor databases, ensuring all records are accurate, up-to-date, and audit-ready.
Security Documentation: Help create and maintain internal records related to vendor audits and compliance checks (e.g., SOC2, ISO 27001).
Cross-Functional Support: Coordinate with stakeholders in Procurement and Legal to ensure alignment on third-party security standards

The qualifications you’ll need:

Currently enrolled in a Bachelor’s or Master’s program in Information Security, Business Informatics, or a related field.
Basic understanding of security and regulatory frameworks (e.g., ISO 27001, GDPR, or SOC 2).
A keen interest in how cloud-native environments (AWS, Azure, or GCP) manage security and compliance.
An exceptional eye for detail and a value for correctness and efficiency.
Excellent problem-solving skills and the ability to communicate effectively in English.
A proactive mindset and the desire to work in a fast-paced, high-growth environment.
Location**:** Must be currently based in or around Munich, Germany, and able to work on-site at our headquarters
Bonus**:** Experience with GRC tools or a passion for using automation to improve repeatable processes.

What Celonis can offer you:

Pioneer Innovation: Work with the global leader in Process Mining and the Process Intelligence Graph to shape the future of AI-driven business operations.
Ownership from Day 1: Every full-time "Celonaut" is an owner, receiving Restricted Stock Units (RSUs) and merit-based refresh grants.
Unrivaled Family Support: Benefit from our inclusive parental leave policy—24 weeks of fully paid leave for primary carers and 12 weeks for supporting carers, available from your first day of employment.
Work-Life Integration: Enjoy Unlimited PTO (in applicable regions) and generous PTO globally, as well as a flexible hybrid work model that balances remote focus with vibrant office collaboration.
Continuous Growth: Elevate your skills through our 70-20-10 learning framework, mentorship programs, and access to a dedicated learning platform.
Holistic Well-being: Prioritize your health with subsidized Wellhub memberships, mental health counseling, and dedicated "Wellness Weeks" that prioritize work/life balance.
Drive Sustainability: Participate in annual Impact Days, where you receive paid time off to volunteer for community and environmental causes with your local office, or virtually.
Global Inclusion & Belonging: Find community through our Inclusion Think Tank and participate in our annual Inclusion Days, ensuring every voice is heard and valued.
Value-Driven Impact: Join a mission-led organization where our core values—Live for Customer Value, The Best Team Wins, We Own It, and Earth Is Our Future—drive every decision.

About Us:

Celonis makes processes work — for people, companies, and the planet. Powered by process mining and AI, the Celonis Process Intelligence Platform integrates process data and business context to create a living digital twin of business operations. We enable thousands of companies worldwide to understand how their business actually runs and, together with their partners, build intelligent solutions that transform and continuously improve the way they operate — unlocking billions in value. Celonis is headquartered in Munich, Germany, and New York City, USA, with more than 20 offices worldwide.

Get familiar with the Celonis Process Intelligence Platform by watching this video.

Celonis Inclusion Statement:

At Celonis, we believe our people make us who we are and that “The Best Team Wins”. We know that the best teams are made up of people who bring different perspectives to the table. And when everyone feels included, able to speak up and knows their voice is heard - that's when creativity and innovation happen.** **

Your Privacy:

Any information you submit to Celonis as part of your application will be processed in accordance with Celonis’ Accessibility and Candidate Notices

By submitting this application, you confirm that you agree to the storing and processing of your personal data by Celonis as described in our Privacy Notice for the Application and Hiring Process.

Please be aware of common job offer scams, impersonators and frauds. Learn more here.