Information Security Officer (Permanent)

Remote job

Riverflex

We help courageous leaders create teams, augment intelligence and drive transformative change.

View all jobs at Riverflex

Apply now Apply later

Job Title: Information Security Officer
Seniority Level: Senior
Location: Remote (Germany, UK, Spain)
Language Requirements: English (German is a plus)


Our client is looking for a Permanent Information Security Officer will be responsible for managing the information security function across all subsidiaries. Reporting to the VP IT, you will oversee the day-to-day management of the information security function and team, while driving the information security strategy and program. 

You will be joining a growing international technology company and will play a pivotal role in implementing security best practices across the organization. Leading a team of 2, you will have the opportunity to shape direction and drive organizational change. With a focus not only on IT Security and hard skills, you will have the opportunity to develop a Security native mindset across Engineering, support all other functions and be a vital part of the secure future of the client.


Key Responsibilities:

  • Strategic Leadership:
    • Having an entrepreneur mindset and being willing to get your hands dirty
    • Seeing soft skills as important as hard skills and help developing them within your team
    • Design and implement a security strategy aligned with company goals and objectives
    • Function as a translator and adopt the language of stakeholders to translate complex Information Security related topics into simple words
    • Work with the wider leadership team to cultivate a security-centric culture within the organization
    • Regularly report to the board on the state of security and the wider threat landscape.
  • Operational Excellence:
    • Lead the security function to deliver pragmatic and hands-on solutions
    • Collaborate with technical stakeholders to embed security-conscious mindsets within IT and engineering team
    • Lead security incidents and conduct lessons learned exercises to drive continuous improvements
  • Client Engagement:
    • Act as the main point of contact for client queries, presenting the organisations' security posture and program when required
  • Risk Management:
    • Help the organization understand its risks and design plans to mitigate key risks
    • Accountable for the successful running of the ISMS
  • Data Protection:
    • Build an effective data protection capability, working closely with the DPO and internal data protection coordinators to deliver a globally oriented service

Requirements

Your Profile:

  • Leadership:
    • A highly collaborative leader who can deliver at pace in a fast-moving environment
    • Excellent written and verbal communication skills, especially the ability to translate technical subjects to non-technical audiences
  • Experience & Knowledge:
    • Experience working in a small, agile organization and understanding of its dynamics
    • Proven experience in implementing or leading an ISO27001 capability
    • Experience building security functions in green/brown field environments
    • Working knowledge of security best practices for cloud environments (AWS, Azure)
    • Experience supporting data privacy practices, such as conducting DPIA assessments or managing an outsourced DPO service
    • Knowledge of global data privacy legislation such as GDPR, CCPA, PECR
  • Desirable Experience:
    • German speaker with B2 level plus.
    • Experience implementing or auditing ISO standards, ideally as a Lead Implementor/Auditor for ISO27001
    • Knowledge of SOC2 and other industry-specific standards/regulations
    • General security-relevant certifications such as CISSP, CISM, CISA are preferred but not necessary
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  12  4  0

Tags: Agile Audits AWS Azure CCPA CISA CISM CISSP Cloud GDPR ISMS ISO 27001 Privacy Risk management Security strategy SOC 2 Strategy

Region: Remote/Anywhere

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.