About The Position

As Head of Information Security (m/f/d) you will own and drive Chrono24’s information security program. You’ll combine strategic leadership with hands-on execution to protect a platform trusted by millions of watch enthusiasts worldwide. You’ll shape our security strategy, manage risk across the organization, and ensure we stay ahead of evolving threats and regulatory requirements.

Requirements

  • A technical background in software engineering, DevOps, or a comparable discipline, combined with several years of professional experience in information security.
  • Deep understanding of ISMS frameworks, particularly ISO 27001, with hands-on experience in risk management, incident response, and vulnerability management.
  • Strong communication skills with the ability to translate security topics for both technical teams and executive leadership.
  • A collaborative, pragmatic approach to working with cross-functional teams, external partners, and senior stakeholders.
  • Very good English skills.

Nice To Haves

  • German proficiency is a big plus.
  • Relevant certifications (CISSP, CISM, ISO 27001 Lead Auditor/Implementer).
  • Experience with NIS2 compliance.
  • Familiarity with cloud security (AWS, GCP).

Responsibilities

  • Define and drive the information security strategy and roadmap for Chrono24, aligning with business objectives and regulatory requirements including ISO 27001, NIS2, and CRA.
  • Own information security governance, risk management, and compliance across the organization, ensuring risk owners understand and act on their responsibilities.
  • Lead and coordinate incident response, overseeing our Security Incident Response Team (SIRT) processes and ensuring readiness when it matters.
  • Steer our vulnerability management program, coordinating internal scans and external assessments, and take responsibility for our bug bounty program.
  • Build and run the security awareness program, including phishing campaigns, training, and fostering a security-conscious culture company-wide.
  • Assess and manage third-party and vendor security risks, ensuring our partners and service providers meet our security standards.
  • Drive audit readiness and compliance, coordinating ISO 27001 audits, NIS2 preparation, and collaboration with external auditors and your Information Security Officer.
  • Contribute to business continuity management, ensuring security considerations are embedded in our continuity processes.

Benefits

  • Salary: 90,000 to 120,000 EUR annually, depending on experience.
  • Permanent employment contracts.
  • 30 days of vacation per year.
  • Free daily meal at HQ in Karlsruhe.
  • Additional day off on December 24th and 31st.
  • Work abroad for up to 20 days per year.