Information Security Manager - Product Development (f/m/d)

ResponsibilitiesAre you a seasoned security professional with a passion for building secure software? Do you thrive on the challenge of protecting digital products from evolving threats? If so, we have an exciting opportunity for you to join our team at IONOS.As an Information Security Manager, you will be responsible for ensuring our product development organization has the correct processes for developing, maintaining, and operating secure software. You will be a key player in ensuring our products and processes meet critical compliance requirements, including GDPR, and will prepare the organization for successful external audits and certifications like ISO 27001, BSI IT-Grundschutz, and C5.This is a high-impact role where you will work directly with the Head of Product Development to own and drive all security and compliance topics within the organization.Lead Security Initiatives: Own all security and compliance topics within the IONOS Product Development organization.Drive Secure Practices: Drive and monitor the adoption of secure software development best practices across the organization.Collaborate: Closely collaborate with Central Information Security to champion company-wide security and compliance initiatives.Represent IONOS: Competently and securely represent IONOS Product Development in internal and external audits and certifications.Promote Security Culture: Proactively foster a security-conscious mindset within the development organization by teaching and monitoring security best practices.QualificationsSecure Development Expertise: A strong understanding of the Secure Software Development Lifecycle (SDLC), including threat modeling, secure coding standards (vulnerability prevention), and proficiency with automated security analysis that involves scanning both source code and live applications for vulnerabilities.Compliance & Audits: Proven experience with security compliance frameworks and standards such as ISO 27001, BSI IT-Grundschutz, or C5.AI Security: A keen awareness of the emerging security landscape for artificial intelligence, including an understanding of common AI-specific threats and familiarity with the principles of securing AI systems throughout their development lifecycle.DevSecOps: Familiarity with modern DevSecOps practices, including operating software in container-based cloud environments.Communication Skills: Excellent communication and interpersonal skills, with the ability to explain complex security topics to both technical and non-technical audiences.Problem-Solving: A proactive and results-oriented mindset with strong analytical and problem-solving abilities.Leadership: Proven ability to drive security initiatives and influence change at a peer-to-peer level with engineering teams.BenefitsHybrid working model.Flexible working hours through trust-based working hours.At some locations a subsidized canteen and various free drinks.Modern office space with very good transport connections.Various employee discounts for activities and products.Employee events such as summer and winter parties, as well as workshops.Numerous training and development opportunities.Various health offers, such as sports and health courses. #J-18808-Ljbffr