Key Facts

Remote From:

Full time

Mid-level (2-5 years)

English, German

Hard Skills

ISO/IEC 27000 Series AWS Cloud Services System Monitoring Microsoft Azure DevSecOps ISO 20022 Crisis Management Internal Audit Best Practices Treatment Planning Incident Management +17 more

Other Skills

•
Incident Reporting
•
People Management
•
Collaboration
•
Communication
•
Leadership
•
Adaptability
•
Solutions Focused
•
Analytical Thinking
•
Detail Oriented
•
Prioritization

Roles & Responsibilities

Leadership experience: at least 3 years managing and developing information security teams and coordinating across multiple stakeholders
ISMS Operations & Risk Management: 3+ years operating and continuously improving an ISMS (ISO 27001) including security risk assessments, risk treatment plans, SoA, and audit readiness
AWS/Azure Cloud Security & DevSecOps: 3+ years securing AWS and Microsoft Azure environments and integrating security into DevOps workflows (IAM, logging/monitoring, network security, secrets management, guardrails)
Security Monitoring & SIEM: Experience with security monitoring and SIEM operations, onboarding log sources, developing/d tuning detection rules, and integrating new security tools into SIEM workflows

Requirements:

Take full ownership of the information security strategy and implement security processes across the organization
Develop and maintain ISMS compliance with ISO 27001/27002 and NIST CSF, including risk assessments, risk treatment, SoA, and audit readiness
Lead security operations: threat monitoring, incident response, patch management, vulnerability management, and security awareness initiatives
Drive cloud security across AWS and Azure, including guardrails, IAM, logging/monitoring, network security, and ensuring SIEM integration

Job description

Your new team:

Do you enjoy building security programs that engineers actually like to use? At auxmoney, you will shape information security with real authority and direct access to decision makers.

As our Information Security Officer / Information Security Manager (m/f/d), you will report directly to the CTO and lead our DevSecOps Engineer. You will partner with engineering and platform teams to embed security into everyday workflows, from cloud guardrails and monitoring to incident response and audit readiness. If you combine structure with pragmatism and like turning requirements into clear, actionable standards, this role gives you the scope to make it happen.

What you can expect:

Continuous Security Posture Improvements: Take full ownership of our information security strategy, designing and implementing security processes to create a strong foundation for the future.
ISMS & Compliance: Develop and enhance our Information Security Management System (ISMS) while ensuring compliance with frameworks like ISO 27001/27002 and the NIST Cybersecurity Framework.
Security Advisory & Support: Act as the go-to expert for security-related topics, supporting product, engineering, and IT infrastructure teams.
Threat Monitoring & Incident Response: Oversee and enhance our security monitoring and patch management processes, ensuring rapid detection and mitigation of threats.
Cloud Security Optimization: Drive cloud security improvements across AWS and Microsoft Azure, ensuring robust protection of our cloud infrastructure.
SIEM & Infrastructure Security: Support and optimize security monitoring systems and integrate new tools into our SIEM solution.
Research & Awareness: Stay ahead of emerging security threats, vulnerabilities, and attack techniques, while implementing security awareness training to foster a security-conscious culture.
Flexible Work Setup: Whether in our modern office or fully remote, you decide how to best balance work and private life.

Your profile

Leadership Experience: At least 3 years of proven leadership experience, including managing and developing team members, setting goals, and driving execution across multiple stakeholders.
ISMS Operations & Risk Management: Proven experience (at least 3+ years) in operating and continuously improving an ISMS (based on ISO 27001), including security risk assessments, risk treatment plans, Statement of Applicability (SoA), and audit readiness (internal/external).
Security Program & Roadmap Ownership: Ability to drive continuous security posture improvements through a structured security roadmap, prioritization, and measurable security KPIs/KRIs.
AWS & Azure Cloud Security & DevSecOps Knowledge: 3+ years of practical experience in securing AWS and Microsoft Azure environments and implementing security best practices in DevOps workflows (e.g., IAM, logging/monitoring, network security, key/secrets management, secure baselines/guardrails).
Security Monitoring & SIEM Experience: Experience with security monitoring and SIEM operations, including onboarding log sources, developing/tuning detection rules and alerts, and integrating new security tools into SIEM workflows.
Incident Response & Crisis Management: Hands-on experience in building and running incident response processes (playbooks, triage, coordination, post-incident reviews) to ensure rapid detection, containment, and recovery.
Vulnerability & Patch Management Expertise: Practical experience in establishing and improving vulnerability management and patch management processes, including prioritization, remediation tracking, and exception handling.
Security Awareness & Training: Experience in designing and delivering security awareness initiatives (trainings, guidelines, campaigns) to build a security-conscious culture across the organization.
Communication & Collaboration Skills: You are a team player who can effectively communicate security principles to both technical and non-technical stakeholders.
Analytical & Solution-Oriented Mindset: You thrive in a fast-paced environment, balancing multiple projects while maintaining a detail-oriented approach.
Language Skills: Proficiency in German and English, both written and spoken.

What we offer:

Flexibility for Your Lifestyle: Enjoy family-friendly working hours and a generous home office policy, allowing you to stay agile and flexible in any situation.
Ergonomic Work Environment: For your office days, we provide ergonomic workstations that offer you a comfortable and healthy workspace.
Independent Work: With short decision-making paths, we enable you to work autonomously and actively contribute your ideas – we provide space for you to take on responsibility.
Grow with Us: Unlock your potential with numerous opportunities for growth and development, along with an annual development budget to help you achieve your professional and personal goals.
Team Spirit: Team spirit is important to us – we regularly host events and parties where fun is guaranteed.
Mobility Your Way: Whether you prefer a train ticket or parking – we support your choice of preferred mobility.
Stay Active: Keep fit with a discounted membership at Fitness First or Urban Sports Club, or use our in-house fitness room to stay active after work and enhance your work-life balance.
Secure Your Future: Think about your future – we offer subsidies for company pension plans so you can plan long-term with us.
Tailored Benefits: We consider your personal life situation – whether you're a parent or love to travel, we offer customized benefits to suit your lifestyle.

Your Perspective: At auxmoney, we offer you the opportunity to build and lead a security function in a dynamic, innovative environment where security is a top priority. If you're looking for a role where you can take ownership and drive meaningful change, apply today and help us create a secure future!

For us as an employer, equal opportunities and diversity are especially important. Therefore, we welcome applications from mothers, fathers, people with disabilities and people from the LGBTQIA+ community. Please feel free to let us know if, for example, you would like us to use a gender-neutral pronoun, if you need barrier-free access to our office, or if you would like us to allow more time for the application process.

Ready to apply?

APPLY

Share ·