Information Security Manager

As our Information Security Manager (d/f/m), you will be pivotal in upholding the highest security standards within our innovative and dynamic setting. Your primary responsibility is not just adhering to ISO 27001, PCI DSS, NIST CSF and KRITIS regulations, but also effectively managing and facilitating multiple audits throughout the year. You'll be the linchpin connecting our auditors with our product teams, ensuring a smooth audit process through your exceptional project management skills, including evidence collection and conveying requirements. Join us at Paymenttools and be at the forefront of securing the future of digital payments while fostering a culture of innovation and agility., * Lead and manage the audit process, serving as the key liaison between auditors and our product teams

• Ensure thorough preparation for audits, including evidence collection and requirement communication
• Drive continuous improvement initiatives based on audit findings, risk assessments, and maturity evaluations
• Provide guidance and support to teams in implementing security measures and meeting audit requirements
• Perform control assurance activities, including testing of control design and operating effectiveness
• Maintain up-to-date knowledge of security regulations and standards, ensuring Paymenttools remains ahead of the curve
• Monitor security metrics and report on compliance posture to leadership
• Conduct security awareness and control implementation workshops
• Monitor security metrics and report on compliance posture to leadership
• Evaluate supplier security posture and ensure contractual security requirements are defined and enforced, * Flexible working hours that fit your workflow, your time matters
• Language courses (English and German)
• Responsibility from day one
• Work with modern and agile software such as Google Workspace, Slack, Asana, Jira, Lattice, Miro and Confluence
• Company events including Hackathons and Company Days
• Ask us more about these!

Paymenttools (English), Do you have experience in Project management?, * Proven experience in information security management, particularly in audit management and coordination

• Solid understanding of ISO 27001, or PCI DSS, or KRITIS/ EU NIS Directive regulations
• Strong project management skills, with experience in leading complex audit processes
• Ability to communicate effectively with both technical teams and external auditors
• Familiarity with the latest security technologies and practices in a cloud-native development setting is a plus
• Relevant professional certifications (CISSP, CISM, CEH) is an advantage
• English proficiency needed, German is just a plus!

• Discounts on travel, fashion, technology, and more through our corporate benefits
• REWE discount card for REWE group retailers
• JobRad, affordable bicycle leasing
• Company pension plan
• Insurance services

Paymenttools is on a mission to transform the payment landscape for retailers in Europe. With more than 4,4 billion visitors per year in our more than 15,000 REWE Group stores and travel agencies in 21 countries we know exactly what consumers and merchants need when exchanging goods for money. We strongly believe in making payments seamless and invisible, linking them with value added services within the framework of a reliable identity service. Our mantra: #wesolvepayn. We blend cutting-edge technology with stringent security to protect sensitive payment data while nurturing innovation in a cloud-native tech environment.