Information Security Officer / Information Security Manager

📋 Description

• Ongoing Improvement of Security Posture: Take complete responsibility for our information security strategy by designing and implementing security processes that establish a solid foundation for the future.

• ISMS & Compliance Development: Create and enhance our Information Security Management System (ISMS) while ensuring adherence to frameworks such as ISO 27001/27002 and the NIST Cybersecurity Framework.

• Security Advisory & Support Services: Serve as the primary expert for security-related issues, providing support to product, engineering, and IT infrastructure teams.

• Threat Monitoring & Incident Management: Supervise and improve our security monitoring and patch management processes to ensure swift detection and resolution of threats.

• Cloud Security Enhancement: Lead initiatives for cloud security improvements across AWS and Microsoft Azure, ensuring comprehensive protection of our cloud infrastructure.

• SIEM & Infrastructure Security Support: Assist and optimize security monitoring systems while integrating new tools into our SIEM solution.

• Research & Awareness Initiatives: Stay ahead of emerging security threats, vulnerabilities, and attack methods, and implement security awareness training to cultivate a culture of security consciousness.

⛳️ Requirements

• Leadership Background: Minimum of 3 years of demonstrated leadership experience, including managing and developing team members, setting objectives, and driving execution among various stakeholders.

• ISMS Operations & Risk Management Experience: At least 3+ years of proven experience in operating and continuously enhancing an ISMS (aligned with ISO 27001), including security risk assessments, risk treatment plans, Statement of Applicability (SoA), and audit preparedness (both internal and external).

• Ownership of Security Programs & Roadmaps: Capability to drive ongoing enhancements in security posture through a structured security roadmap, prioritization, and measurable security KPIs/KRIs.

• Knowledge in AWS & Azure Cloud Security & DevSecOps: Over 3 years of hands-on experience securing AWS and Microsoft Azure environments and implementing security best practices within DevOps workflows (e.g., IAM, logging/monitoring, network security, key/secrets management, secure baselines/guardrails).

• Security Monitoring & SIEM Proficiency: Experience with security monitoring and SIEM operations, including onboarding log sources, developing/tuning detection rules and alerts, and integrating new security tools into SIEM workflows.

• Incident Response & Crisis Management Skills: Practical experience in establishing and executing incident response processes (playbooks, triage, coordination, post-incident reviews) to ensure rapid detection, containment, and recovery.

• Expertise in Vulnerability & Patch Management: Hands-on experience in creating and enhancing vulnerability management and patch management processes, including prioritization, remediation tracking, and exception handling.

• Security Awareness & Training Experience: Background in designing and delivering security awareness initiatives (trainings, guidelines, campaigns) to foster a security-conscious culture within the organization.

• Strong Communication & Collaboration Abilities: A team player capable of effectively conveying security principles to both technical and non-technical audiences.

• Analytical & Solution-Oriented Approach: Thrives in a fast-paced setting, managing multiple projects while maintaining attention to detail.

• Language Proficiency: Fluent in both German and English, in written and spoken forms.

🏝️ Benefits

• Flexibility for Your Lifestyle: Enjoy family-friendly working hours and a generous home office policy, allowing you to remain agile and flexible in various situations.

• Ergonomic Work Environment: We provide ergonomic workstations on office days to ensure a comfortable and healthy workspace.

• Independent Work Opportunities: With streamlined decision-making processes, we empower you to work autonomously and contribute your ideas – we provide the space for you to take on responsibility.

• Grow with Us: Unlock your potential with various growth and development opportunities, along with an annual development budget to support your professional and personal goals.

• Team Spirit: We value team spirit – we regularly organize events and parties where enjoyment is guaranteed.

• Mobility Your Way: Whether you prefer a train ticket or parking – we support your preferred mode of mobility.

• Stay Active: Maintain your fitness with a discounted membership at Fitness First or Urban Sports Club, or utilize our on-site fitness room to stay active after work and enhance your work-life balance.

• Secure Your Future: Plan for your future – we offer subsidies for company pension plans to help you prepare long-term with us.

• Customized Benefits: We consider your personal life situation – whether you are a parent or love to travel, we offer tailored benefits to fit your lifestyle.