Information Security Manager (gn)

at  Proemion

Description
We are looking for you as our new highly motivated Information Security Manager (gn).The position is available immediately at our headquarters in Fulda or fully remote in EU.

In return, we offer you

• Flexitime and home office days or working fully remote to guarantee a nice work-life balance
• Intensive onboarding, targeted individual trainings, and development opportunities
• An inclusive, respectful, and empathic workplace
• Plenty of areas to provide leadership and initiative
• A high degree of creative decision-making freedom and plenty of room for innovative work
• Short communication channels and well accessible team leaders
• 1on1s focused on helping you grow
• No micromanagement
• Well-established process for submitting ideas via RFCs and a lightweight approval process
• A company that in some teams already scores ‘high-performer’ as per the metrics from the Accelerate book and wants all teams to achieve the same
• Working with all relevant teams within the information security management system scope, besides the R&D department this would be especially our internal IT and Customer Care
• For onsite work: a modern and open working environment with lounges, kicker-table, pool billard table and team events, free soft drinks, coffee, cereals, and fresh fruit
• Additional allowance for gym membership and childcare as well as a free health and fitness app

Your Role

Actively support and, ideally, lead Proemion cyber-security initiatives such as:

• Security risk evaluation and management
• Oversight of ISMS audits
• Monitoring for possible cybersecurity threats and risks
• Shift-left our software development by reviewing, consulting, and in general offering security advice on activities related to Proemion SaaS, physical products, and infrastructure
• Expansion and acceleration of our Secure Software Development Lifecycle by promoting and where applicable helping implement static code analysis, penetration testing, vulnerability testing (OWASP 10 required), and other relevant techniques
• Compliance with regulations such as ISO27001, GDPR, etc. ISO27001 will be in particular an immediate key area of focus
• Expansion and oversight of Proemion incident management and response
• Preparation and/or evaluation of resources for internal training
• Expansion and continuous incremental improvement of the information security management system documentation
• Handling of third party questionnaires in relation to information security from suppliers and clients

Your Skills

Please refer the Job description for details