Head of Information Security (m / f / d)

You'll be fully responsible for the Information Security area, from defining strategy to day-to-day operations, including:

1. Developing, maintaining, and reviewing an information security architecture aligned with Spryker's strategies and goals while safeguarding digital assets.
2. Conducting risk assessments and devising risk management strategies.
3. Creating, updating, and maintaining security policies, procedures, and guidelines.
4. Detecting and responding to security incidents and coordinating cross-functional teams to mitigate threats.
5. Supporting various departments, particularly IT, with organizational and technical recommendations for enhancing information security.
6. Driving continuous improvement and innovation in existing systems, processes, and procedures.
7. Leading information security-related internal and external audits and projects.
8. Promoting security awareness and individual responsibility throughout the organization.

Minimum Requirements:

1. 6+ years of experience in information and cyber security, ideally in a similar international enterprise cloud software environment.
2. Solid experience in establishing an Information Security Management System function.
3. Knowledge of relevant regulations and standards in information security (e.g., ISO 27001, SOC-2, TISAX, BSI IT Grundschutz, CIS Controls, NIST, PCI-DSS).
4. Expertise in cloud systems, preferably AWS.
5. Relevant professional certifications include CISSP, CRISC, CISM, ITIL, CISA, or similar.
6. A degree in IT security or a related field is advantageous.
7. AWS certifications in IT security and Information Security are a plus.
8. Pragmatic, proactive, and hands-on approach, with the drive to actively lead change.
9. Intellectual curiosity about information security and staying abreast of industry and regulatory developments.
10. Confidence and ability to collaborate across all hierarchical levels.
11. Business-level proficiency in English and German is mandatory.