Information Security Officer (f/m/d)

• ISMS operation & further development: Take sole responsibility for the operation of our ISO 27001-certified ISMS and drive its continuous further development through targeted process optimisation.
• Tool integration & automation: Select suitable ISMS tools based on practical experience, implement them independently and increase the level of automation by integrating them into existing IT infrastructures.
• Security controls implementation: Independently implement technical and organisational security measures in close cooperation with IT, HR, engineering and finance, and integrate them seamlessly into business processes.
• Audit & review management: Conduct internal, external and customer audits as well as management reviews independently, ensure successful recertifications and professionally guide customers through audit processes.
• Awareness & training: Design and implement effective awareness and training programmes that embed security awareness in the corporate culture in the long term and bring about measurable behavioural changes.
• Effectiveness monitoring & reporting: Monitor the effectiveness of the ISMS through systematic analyses and meaningful key performance indicators, and create compelling reports for management, employees and customers.
• ISMS scaling: Flexibly adapt the ISMS to company growth and new regulatory requirements, and ensure sustainable scalability through intelligent architecture.

• Practical implementation experience: Extensive experience in independently setting up, operating and further developing ISMS in corporate environments with proven success in several complete implementation or optimisation cycles.
• Specific tool expertise: In-depth practical experience with common ISMS tools from real-world corporate deployments, including independent selection, implementation and integration into existing IT landscapes.
• ISO 27001 expertise: In-depth knowledge of ISO 27001 requirements with proven experience in successfully conducting initial and recertification audits as well as customer audits.
• Certifications: ISO 27001 Lead Implementer or Lead Auditor, ideally supplemented by CISSP, CISM or comparable certifications that underpin your practical expertise.
• Technical understanding: Solid IT knowledge and system administration skills to independently evaluate, implement and integrate technical security measures in cloud and on-premise environments.
• Strong communication skills: Strong ability to communicate complex security issues clearly and in a manner appropriate to the audience – from management and specialist departments to external auditors and customers.
• Working style: Structured, independent working style with strong organisational skills, project management experience and a keen enthusiasm for continuous improvement and automation.
• Languages: Business fluent written and spoken German and English for professional audits, precise documentation and international collaboration.

• Make a difference: Your work helps to reduce CO₂ emissions and make buildings more sustainable and energy-efficient.
• Mobile work: Organise your working day according to your needs – with flexible working hours, short core working hours and the freedom to work from our modern office in Cologne, remotely from anywhere in Germany or up to 10 days a year from other European countries.
• Long-term prospects: After your probationary period, we offer you a permanent contract.Feel-good offer: With 30 days of annual leave, you can relax and unwind, while fresh organic fruit, regional coffee, free drinks and our monthly team breakfast provide you with your daily energy boost.
• Further training: We support you with tailor-made training opportunities to advance your career.Tech stack: You will receive modern work equipment of your choice – whether Microsoft or Apple – as well as high-quality noise-cancelling headphones for focused work.
• Mobility package: Always mobile: you can choose between the Germany Ticket or a Jobrad bike – for your commute or private use.
• Pension provision: Subsidies for capital-forming benefits (VWL) or company pension schemes (bAV).
• #teamaedifion: Regular team events, working on an equal footing, actively sharing experiences and flat hierarchies promote strong teamwork and open communication within our team.
• Dog-friendly office: Bring your dog along – we look forward to some animal support.

We are a young team of currently 90 employees and our employees come from a wide spectrum of different fields and 12 different nationalities. Diversity, individual development and team spirit are very important to us!