Key skills
AWSAzureCloudCyber SecurityGoIAMAgileLeadershipRisk ManagementCommunicationCollaborationNetwork SecurityCloud Security
About this role
Role Overview
- Continuous Security Posture Improvements: Take full ownership of our information security strategy, designing and implementing security processes to create a strong foundation for the future.
- ISMS & Compliance: Develop and enhance our Information Security Management System (ISMS) while ensuring compliance with frameworks like ISO 27001/27002 and the NIST Cybersecurity Framework.
- Security Advisory & Support: Act as the go-to expert for security-related topics, supporting product, engineering, and IT infrastructure teams.
- Threat Monitoring & Incident Response: Oversee and enhance our security monitoring and patch management processes, ensuring rapid detection and mitigation of threats.
- Cloud Security Optimization: Drive cloud security improvements across AWS and Microsoft Azure, ensuring robust protection of our cloud infrastructure.
- SIEM & Infrastructure Security: Support and optimize security monitoring systems and integrate new tools into our SIEM solution.
- Research & Awareness: Stay ahead of emerging security threats, vulnerabilities, and attack techniques, while implementing security awareness training to foster a security-conscious culture.
Requirements
- Leadership Experience: At least 3 years of proven leadership experience, including managing and developing team members, setting goals, and driving execution across multiple stakeholders.
- ISMS Operations & Risk Management: Proven experience (at least 3+ years) in operating and continuously improving an ISMS (based on ISO 27001), including security risk assessments, risk treatment plans, Statement of Applicability (SoA), and audit readiness (internal/external).
- Security Program & Roadmap Ownership: Ability to drive continuous security posture improvements through a structured security roadmap, prioritization, and measurable security KPIs/KRIs.
- AWS & Azure Cloud Security & DevSecOps Knowledge: 3+ years of practical experience in securing AWS and Microsoft Azure environments and implementing security best practices in DevOps workflows (e.g., IAM, logging/monitoring, network security, key/secrets management, secure baselines/guardrails).
- Security Monitoring & SIEM Experience: Experience with security monitoring and SIEM operations, including onboarding log sources, developing/tuning detection rules and alerts, and integrating new security tools into SIEM workflows.
- Incident Response & Crisis Management: Hands-on experience in building and running incident response processes (playbooks, triage, coordination, post-incident reviews) to ensure rapid detection, containment, and recovery.
- Vulnerability & Patch Management Expertise: Practical experience in establishing and improving vulnerability management and patch management processes, including prioritization, remediation tracking, and exception handling.
- Security Awareness & Training: Experience in designing and delivering security awareness initiatives (trainings, guidelines, campaigns) to build a security-conscious culture across the organization.
- Communication & Collaboration Skills: You are a team player who can effectively communicate security principles to both technical and non-technical stakeholders.
- Analytical & Solution-Oriented Mindset: You thrive in a fast-paced environment, balancing multiple projects while maintaining a detail-oriented approach.
- Language Skills: Proficiency in German and English, both written and spoken.
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
Benefits
- Flexibility for Your Lifestyle: Enjoy family-friendly working hours and a generous home office policy, allowing you to stay agile and flexible in any situation.
- Ergonomic Work Environment: For your office days, we provide ergonomic workstations that offer you a comfortable and healthy workspace.
- Independent Work: With short decision-making paths, we enable you to work autonomously and actively contribute your ideas – we provide space for you to take on responsibility.
- Grow with Us: Unlock your potential with numerous opportunities for growth and development, along with an annual development budget to help you achieve your professional and personal goals.
- Team Spirit: Team spirit is important to us – we regularly host events and parties where fun is guaranteed.
- Mobility Your Way: Whether you prefer a train ticket or parking – we support your choice of preferred mobility.
- Stay Active: Keep fit with a discounted membership at Fitness First or Urban Sports Club, or use our in-house fitness room to stay active after work and enhance your work-life balance.
- Secure Your Future: Think about your future – we offer subsidies for company pension plans so you can plan long-term with us.
- Tailored Benefits: We consider your personal life situation – whether you're a parent or love to travel, we offer customized benefits to suit your lifestyle.