ABOUT THE ROLE:

We are seeking a dedicated and experienced Information Security Officer to join our team. As we scale, maintaining the highest standards of security and compliance is paramount. This role will be pivotal in safeguarding our company and products, ensuring the integrity and confidentiality of our data.

You will be responsible for managing aspects of both information and cyber security, from collaborating on risk assessments with different stakeholders, and compliance audits to employee training and security awareness. This position requires a proactive individual with a strong background in information security, capable of independently driving initiatives and maintaining a robust security posture.

ONCE YOU ARE HERE YOU WILL:

• Develop, implement, and maintain comprehensive information security policies and procedures.
• Work closely with our consultants to
• Plan and execute security awareness training programs for all employees, fostering a security-conscious culture.
• Monitor and analyze security incidents, conduct investigations, and implement corrective actions.
• Evaluate and recommend security technologies and tools to enhance our security infrastructure and posture.
• Ensure data privacy and compliance with relevant regulations in tandem with internal and external stakeholders (e.g., GDPR).
• Collaborate with engineering and product teams to promote and maintain security best practices in the development lifecycle.
• Manage and maintain documentation related to security policies, procedures, and compliance.
• Act as the primary point of contact for security-related inquiries and incidents.
• Support internal teams during contract and sales processes with regards to Information and Cyber Security themes.
• Regularly report on the state of information security to the CEO office.

WHAT WE NEED YOU TO BRING TO THE TABLE:

• 7 - 10 years of experience in information security in a SaaS environment.
• Proven track record of managing compliance audits (SOC 2, ISO 27001, etc.).
• Strong understanding of security frameworks and best practices (NIST, CIS, etc.).
• Experience with risk assessment, vulnerability management, and incident response.
• Strong project management skills, with the ability to manage multiple priorities and deadlines.
• Excellent communication and interpersonal skills, with the ability to train and educate employees.
• Ability to work autonomously and take ownership of security initiatives.
• Willingness to work on data privacy regulations (GDPR, etc.).
• Relevant certifications (e.g., CISSP, CISM, CISA) are a strong plus.

• Learning budget and LinkedIn Learning
• 30 vacation days
• Remote-work abroad up to 90 days
• In-house German language courses
• Discounted Urban Sports Club membership and BVG ticket
• Work-Dog-Balance, your best friend is more than welcome!
• Mental health support with Nilo.health