Information Security Officer / Information Security Manager (m/f/d)

About The Position

Requirements

• At least 3 years of proven leadership experience, including managing and developing team members, setting goals, and driving execution across multiple stakeholders.
• Proven experience (at least 3+ years) in operating and continuously improving an ISMS (based on ISO 27001), including security risk assessments, risk treatment plans, Statement of Applicability (SoA), and audit readiness (internal/external).
• Ability to drive continuous security posture improvements through a structured security roadmap, prioritization, and measurable security KPIs/KRIs.
• 3+ years of practical experience in securing AWS and Microsoft Azure environments and implementing security best practices in DevOps workflows (e.g., IAM, logging/monitoring, network security, key/secrets management, secure baselines/guardrails).
• Experience with security monitoring and SIEM operations, including onboarding log sources, developing/tuning detection rules and alerts, and integrating new security tools into SIEM workflows.
• Hands-on experience in building and running incident response processes (playbooks, triage, coordination, post-incident reviews) to ensure rapid detection, containment, and recovery.
• Practical experience in establishing and improving vulnerability management and patch management processes, including prioritization, remediation tracking, and exception handling.
• Experience in designing and delivering security awareness initiatives (trainings, guidelines, campaigns) to build a security-conscious culture across the organization.
• You are a team player who can effectively communicate security principles to both technical and non-technical stakeholders.
• You thrive in a fast-paced environment, balancing multiple projects while maintaining a detail-oriented approach.
• Proficiency in German and English, both written and spoken.

Responsibilities

• Take full ownership of our information security strategy, designing and implementing security processes to create a strong foundation for the future.
• Develop and enhance our Information Security Management System (ISMS) while ensuring compliance with frameworks like ISO 27001/27002 and the NIST Cybersecurity Framework.
• Act as the go-to expert for security-related topics, supporting product, engineering, and IT infrastructure teams.
• Oversee and enhance our security monitoring and patch management processes, ensuring rapid detection and mitigation of threats.
• Drive cloud security improvements across AWS and Microsoft Azure, ensuring robust protection of our cloud infrastructure.
• Support and optimize security monitoring systems and integrate new tools into our SIEM solution.
• Stay ahead of emerging security threats, vulnerabilities, and attack techniques, while implementing security awareness training to foster a security-conscious culture.

Benefits

• Family-friendly working hours
• Generous home office policy
• Ergonomic workstations
• Short decision-making paths
• Numerous opportunities for growth and development
• Annual development budget
• Regular team events and parties
• Support for preferred mobility (train ticket or parking)
• Discounted membership at Fitness First or Urban Sports Club
• In-house fitness room
• Subsidies for company pension plans
• Customized benefits to suit your lifestyle