Head of Information Security
Jimdo
Germany, Italy, Spain, Portugal or Lithuania
Role Overview:
As the Head of Information Security at Jimdo, you will play a crucial role in safeguarding our products, assets and infrastructure. Leading a small team, you will be responsible for developing and implementing a robust information security strategy, ensuring compliance with regulations, and managing incident responses. If you are a seasoned security professional with a strong technical background and leadership skills, we invite you to join our innovative team in shaping the future of Jimdo.
What you’ll be doing:
- Lead and manage the information security team, fostering collaboration and continuous improvement. Develop department KPIs and goals;
- Develop, maintain, and review an information security architecture that aligns with Jimdo’s overall strategies and goals, while also protecting its digital assets;
- Conduct risk assessments and develop risk management strategies;
- Create, update, and maintain security policies, procedures, and guidelines in compliance with EU regulations and standards, including GDPR and the NIS-2 Directive. Work closely on this with the Legal & Data Protection team;
- Detect and respond to company-wide security incidents, coordinating cross-functional teams to mitigate and eradicate threats;
- Educate the company on security issues, and foster a culture of security awareness and individual responsibility;
- Ensure the technology organization runs an SSDLC;
- Conduct Vendor Security Risk Assessments to ensure that their systems or services comply with our security standards;
- Liaise with Executives, senior leadership and other stakeholders, reporting regularly on established metrics within the security program, the risk landscape and the effectiveness of security policies;
- Plan and allocate budget resources for the information security program.
What you bring to the table:
- Degree in a relevant field;
- Relevant professional certifications such as CISSP, CRISC, CISM, ITIL, CISA, or similar;
- Minimum 8 years of relevant experience, with at least 3 years in a leadership role;
- Strong technical depth, with recent hands-on experience designing information security architecture in a high-growth scale-up technology company;
- Strong crisis management skills;
- Excellent communication skills and stakeholder engagement;
- Familiarity with security frameworks such as NIST, OWASP, ISO 27001, ISO 27002, and CIS Critical Security Controls;
- Proven expertise in cloud systems (preferably AWS) and container-based systems like Kubernetes;
- Familiarity with tech stack (Google, Confluence, Slack, GitHub, etc.);
- Proven ability to successfully recruit, manage, motivate and develop high-performing teams;
- Effective negotiation skills.