Lead Information Security Manager (w/m/d)

Everphone is the one-stop solution for corporate smartphones and tablets. As a leading device-as-a-service provider, Everphone handles device procurement, configuration, management, security, and replacement for businesses and organizations. The time this frees up for clients‘ IT teams totals two hours per device. DaaS allows companies and their employees to choose their preferred smartphone from manufacturers such as Apple, Samsung, Google, and Fairphone. Everphone currently manages over 400.000 devices for more than a thousand companies, including international management consultancies and several DAX companies.

Founded in 2016 by Jan Dzulko, the company employs around 300 employees in Berlin, Munich, and Miami. Investors include Alleycorp, ApolloCapital, Cadence Growth Capital, signals Venture Capital, and T.Capital.

We are looking for an exceptional

Lead Information Security Manager (w/m/d)

About the role:

As a Lead Information Security Manager, you will play a critical role in safeguarding our systems, processes, and data. You will contribute to building and maintaining a secure environment by ensuring compliance with key standards, frameworks, and best practices while actively monitoring and responding to security events. This is a challenging and rewarding opportunity to work on a wide array of information security and compliance topics while supporting our secure software development lifecycle. You will also lead and mentor a team of information security professionals, fostering their growth and development while ensuring effective collaboration and achievement of security objectives.

What you’ll do:

Information Security & Compliance

1. Develop, implement, and maintain our Information Security Management System (ISMS) in alignment with ISO 27001, GDPR, BCM, BSI IT-Grundschutz and other relevant frameworks.
2. Ensure documentation and compliance with information security policies and procedures including test runs.
3. Conduct risk assessments, audits, and evaluations to identify security gaps and recommend improvements.

Cybersecurity Monitoring & Management

1. Monitor security logs from cloud services, including Google Workspace and other SaaS tools, to detect and respond to potential threats.
2. Evaluate and address vulnerabilities based on the OWASP Top 10 and other cybersecurity standards.
3. Work with development teams to integrate secure practices into the software development lifecycle (Secure SDLC).
4. Train and advise teams on implementing security controls and adhering to compliance requirements.

Team Management

1. Lead and mentor a team of information security professionals, providing guidance, support, and performance feedback.
2. Delegate tasks effectively and ensure team members have the necessary resources and training to succeed.
3. Foster a collaborative and positive team environment, encouraging knowledge sharing and professional development.
4. Set team goals and objectives, monitor progress, and provide regular updates to management.

What you’ll need:

Compliance Knowledge

1. You have a deep understanding of ISO 27001, GDPR, BCM and other relevant information security frameworks.
2. You have acquired experience in managing and executing test runs and contributing to ISMS processes and documentation.
3. Experience with BSI IT-Grundschutz is a plus.

Technical Expertise

1. Strong technical background with hands-on experience in security monitoring tools and cloud service security (GCP/AWS, Google Workspace, SaaS environments).
2. Familiarity with secure software development practices, vulnerability scanning, and threat modeling.

Analytical Skills

1. Ability to assess risks, prioritize security improvements, and document findings clearly and concisely.
2. Proficiency in analyzing logs and monitoring tools to identify security incidents.

Communication & Collaboration

1. Excellent communication and project management skills to work with cross-functional teams, including developers, legal/compliance, and operations.
2. Capability to provide security training and awareness across the organization.
3. Fluency in German and English (both C1) .

Leadership & Management

1. Proven experience in leading and managing a team of information security professionals.
2. Strong leadership skills with the ability to motivate, inspire, and guide team members.
3. Excellent interpersonal and communication skills to build strong relationships within the team and across the organization.
4. Experience in performance management, including setting goals, providing feedback, and conducting performance reviews.
5. Ability to foster a collaborative and inclusive team environment.

Don’t match all the criteria? Go for it anyway!

At Everphone, we are looking for passionate individuals with vibrant personalities. So if you’re excited about this position, but don’t match every single requirement-please apply anyway. You may well be just the right candidate for another position, if not this one, so go for it!

Benefits:

1. a premium smartphone of your choice for personal use,
2. 30 vacation days per year,
3. a monthly budget of 30 € in Circula vouchers to spend however you like,
4. a 300 € subsidy for public transport,
5. two bright, modern offices in the heart of Berlin (Mitte and Kreuzberg),
6. a dog-friendly office (Kreuzberg), where your four-legged friend is welcome to join you,
7. a mental health program with Voiio access for personal and professional solutions, also open to family members,
8. a dynamic work environment where you can actively help shape your own growth,
9. a hybrid work model for more flexibility,
10. access to the Everphone Learning Academy to promote professional development,
11. a referral program with an up to 2000 € bonus,
12. a company pension plan,
13. social drinks- and karaoke night to get to know your colleagues better,
14. a large open kitchen area with free drinks, snacks and fruit,
15. a relaxation area with sofas and a quiet room to simply unwind.

For more information visit our website: everphone.com/en/career/#J-18808-Ljbffr