Senior Information Security Officer – f/m/d
Shiftmove
full-time
Posted on:
Location Type: Hybrid
Location: Berlin • Germany
Visit company websiteExplore more
Job Level
About the role
- Strategy & Roadmap: Develop and implement a group-wide information security and compliance strategy aligned with ISO 27001 and upcoming regulatory requirements like NIS2.
- ISMS Development: Build and operate a robust Information Security Management System (ISMS), starting with a structured gap analysis and a prioritized delivery roadmap.
- Security Governance: Define clear security requirements across Product, Engineering, and IT, ensuring implementation through accountable ownership and clear documentation.
- Risk Management: Identify, assess, and clearly communicate security risks, enabling leadership to make pragmatic, risk-based decisions aligned with business priorities.
- Compliance Expert: Act as the primary expert and main point of contact for security topics during enterprise customer discussions, external audits, and due diligence processes.
- Technical Advocacy: Collaborate closely with IT Ops and Engineering to embed "Security by Design" into modern cloud (AWS and Azure) and product architectures.
- Stakeholder Influence: Serve as a solution-oriented advisor to the board and senior management, translating complex technical risks into clear business impact.
Requirements
- Information Security Expertise: Several years of experience in a security or compliance role, specifically building or significantly improving an ISMS (ISO 27001) in a SaaS or tech-driven environment.
- Regulatory Knowledge: Deep understanding of frameworks such as NIS2, DORA, or similar compliance regimes, with the ability to translate legal text into operational reality.
- Applied Technical Credibility: Experience in cloud security, infrastructure, or DevSecOps, allowing you to define requirements that are both secure and technically feasible.
- Strategic Thinking: Ability to combine domain expertise with big-picture thinking to anticipate trends and identify strategic opportunities for the group.
- Stakeholder Management: Exceptional communication skills with the ability to influence senior leadership and cross-functional teams without formal authority.
- Executional Excellence: A proven track record of driving high-quality results by setting clear priorities, removing obstacles, and following through on complex roadmaps.
- Pragmatism: A risk-based approach to security that balances high-standard regulatory requirements with business agility and resource constraints.
- Languages: English C1. German is a plus given our DACH footprint.
Benefits
- Vacation: 30 days
- Benefits: Urban Sports Club membership, Hrmony subscription, JobRad, or a subsidy for a BVG ticket.
- Health & Wellbeing: 1 mental health day per year and access to the Nilo.health platform.
- Learning & Development: Clear career paths and an annual learning budget of €2,000, among other opportunities.
- Home Office? No problem! We have a beautiful office in the heart of Berlin where we meet twice a week.
- Workation: Up to 12 weeks of remote work from any country or continent you want!
- Autonomy: We want to hire you for your expertise and knowledge, and we’ll give you the space to do your best work.
- Sustainable Growth: We are profitable and continue to grow — in a highly sustainable way, backed by a leading private-equity firm focused on technology and software.
- Culture: You’ll join a highly collaborative and high-performing team where you can contribute ideas, challenge others, and be challenged yourself.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
ISO 27001Information Security Management System (ISMS)cloud securityDevSecOpsrisk managementgap analysissecurity requirementscompliance frameworksNIS2DORA
Soft Skills
strategic thinkingstakeholder managementcommunication skillsinfluenceexecutional excellencepragmatismsolution-orientedcollaborationaccountabilitybusiness impact translation