Finde einen Job 
Finde eine Ausbildung 
Top Arbeitgeber 
Top Universitäten 
Für Unternehmen Auf einen Blick
- Aufgaben: Ensure security and compliance of products while managing vendor processes and policies.
- Arbeitgeber: Join a forward-thinking company focused on Corporate Open Innovation in the SaaS B2B space.
- Mitarbeitervorteile: Enjoy a dynamic work environment with opportunities for professional growth and collaboration.
- Warum dieser Job: Be at the forefront of security innovation, balancing best practices with real-world business needs.
- Gewünschte Qualifikationen: Experience in information security, especially in cloud environments; German speaker preferred.
- Andere Informationen: Engage with diverse teams and enhance your skills in a supportive atmosphere.
Das voraussichtliche Gehalt liegt zwischen 48000 - 84000 € pro Jahr.
About
If you are a compliance and security professional with SaaS B2B experience, join us to co-create the future of Corporate Open Innovation!
Mission
Your mission is to ensure the security and compliance of our products and services while maintaining alignment with regulatory requirements and market demands.
Responsibilities
- Manage vendor security processes, including completing security questionnaires (IT checks) and incorporating security language into contractual agreements.
- Develop and maintain policies and guidelines regarding information security and compliance.
- Manage our security and compliance activities, such as our TISAX recertification and annual penetration testing.
- Act as the central point of contact regarding security and compliance with the Product, Law consultants, and Clients‘ IT teams.
- Help Product leadership articulate security and compliance requirements when evaluating third-party products.
- Take a pragmatic approach to balance security best practices with business needs.
- Develop, implement, review, and assess the Information Security Management System (ISMS) for compliance and effectiveness, ensuring alignment with regulatory requirements and market demands (including a security strategy, roadmap, policies, procedures, guidelines, and controls).
Your profile
- Ability to conduct threat and risk assessments and help the Product grow while covering minimal pragmatic requirements.
- German speaker – Highly preferable.
- Knowledge and experience designing controls and processes for TISAX and/or ISO 27001 requirements.
- Hands-on experience with information security, particularly in cloud-based environments (AWS, Azure, or GCP).
- A strong understanding of privacy requirements (GDPR).
- Experience working with developer and product teams to improve security processes and integrate security tooling.
- Experience managing and completing incoming vendor security reviews and collaborating with legal and procurement teams on contractual agreements.
- Sufficient technical competence to understand relevant concepts and support ongoing projects and technology efforts.
- Excellent interpersonal skills to communicate complex technical concepts to various stakeholders.
- High professional standards and strong attention to detail.
What happens once you apply
We will review your application and get back to you shortly.
#J-18808-Ljbffr
Information Security & Compliance Manager Arbeitgeber: GlassDollar
Kontaktperson:
GlassDollar HR Team
StudySmarter Bewerbungstipps 🤫
So bekommst du den Job: Information Security & Compliance Manager
✨Tip Number 1
Make sure to highlight your experience with TISAX and ISO 27001 in your conversations. These certifications are crucial for the role, and demonstrating your hands-on experience will set you apart.
✨Tip Number 2
Familiarize yourself with our products and services before the interview. Understanding how security and compliance fit into our offerings will show your commitment and help you articulate relevant insights.
✨Tip Number 3
Prepare to discuss specific examples of how you've balanced security best practices with business needs in previous roles. This pragmatic approach is key to succeeding in this position.
✨Tip Number 4
Brush up on your German language skills if you're not already fluent. Being able to communicate effectively in German will be a significant advantage when collaborating with local teams and clients.
Diese Fähigkeiten machen dich zur top Bewerber*in für die Stelle: Information Security & Compliance Manager
Tipps für deine Bewerbung 🫡
Tailor Your CV: Make sure to customize your CV to highlight your experience in compliance and security, particularly in SaaS B2B environments. Emphasize your knowledge of TISAX and ISO 27001 requirements.
Craft a Strong Cover Letter: Write a compelling cover letter that outlines your passion for information security and compliance. Mention specific experiences where you successfully managed vendor security processes or developed security policies.
Highlight Relevant Skills: In your application, clearly showcase your ability to conduct threat and risk assessments, as well as your hands-on experience with cloud-based environments like AWS, Azure, or GCP.
Demonstrate Interpersonal Skills: Since excellent interpersonal skills are crucial for this role, provide examples in your application of how you've effectively communicated complex technical concepts to various stakeholders.
Wie du dich auf ein Vorstellungsgespräch bei GlassDollar vorbereitest
✨Showcase Your SaaS B2B Experience
Make sure to highlight your previous experience in SaaS B2B environments. Discuss specific projects where you ensured compliance and security, and how those experiences can benefit the company.
✨Demonstrate Your Knowledge of TISAX and ISO 27001
Be prepared to discuss your hands-on experience with TISAX and ISO 27001 requirements. Share examples of how you've designed controls and processes that align with these standards.
✨Communicate Effectively with Technical Concepts
Practice explaining complex technical concepts in simple terms. This will showcase your excellent interpersonal skills and ability to communicate with various stakeholders, including non-technical team members.
✨Prepare for Scenario-Based Questions
Anticipate scenario-based questions related to threat and risk assessments. Think about how you would balance security best practices with business needs, and be ready to provide pragmatic solutions.
