Expert Information Security (gn) fulltime/parttime (hybrid)

• You define, document, and own security concepts for integration platforms and solutions, ensuring compliance with internal security guidelines (e.g., Integration Security Guidelines, Secure Software Development, and Secure Engineering Principles).
• You support the implementation of regulatory and normative requirements such as ISO 27001, NIS-2, DORA, and SCA, and represent integration platforms and solutions in all security-relevant audits.
• You advise business units and technical stakeholders on the design of secure integration architectures (API, event streaming, file-based integration) and on IAM, Zero Trust, least privilege, secrets management, and network segmentation.
• You conduct threat analyses and threat modeling for integration solutions, assess complex risk scenarios, and derive appropriate mitigation measures.
• You collaborate closely with the Security Operations Center (SOC), analyze and escalate security-relevant incidents, support incident response and forensic activities, and define clear security monitoring KPIs while fostering a strong security-by-design culture., We stand for the compatibility of family and career! That's why we offer flexible working hours and family-friendly working time models. In addition, we rely on a balanced mix of on-site meetings and home office.

Do you have experience in Security analysis?, * You have several years of experience in cloud security (Azure), API security, network security, IAM, Zero Trust architectures, and business continuity management in a comparable environment.

• You bring strong knowledge of security frameworks and standards such as BSI, NIST, and ISO 27001, as well as experience in penetration testing, threat modeling, and security log analysis.
• You have expertise in integration solutions and platforms, web and mobile applications, ERP systems, and compliance and audit topics; an ethical hacker certification is a plus.
• You work in a structured, analytical, and risk-oriented manner and proactively identify and escalate security-relevant topics.
• You are able to communicate complex technical topics clearly and appropriately to both technical and non-technical stakeholders.
• You take strong ownership, demonstrate a high willingness to continuously learn, have awareness of new risk vectors (e.g., AI-driven risks), and translate security requirements into practical recommendations for action.

We are looking forward to your application and to applicants who enrich our diverse culture! Regardless of age, gender, origin and sexual identity and orientation. Severely disabled applicants will be given preference if equally qualified. This position can be full-time or part-time (min. 30h/week). DKV Mobility is looking for the best talents and knows that these are not always available on a full-time basis. Many of our employees work part-time or in flexible working models. Please talk to us about the flexibility you need during the application process.

Pulled from the full job description

• Flexible schedule

Als führender europäischer Mobilitätsdienstleister widmen wir uns effizienten Mobilitätslösungen zur Steuerung gewerblicher Fuhrparks. Zu unserem Portfolio gehören smarte Produkte und Dienstleistungen rund ums Tanken, alternative Antriebsarten, Mautabwicklung, Liquiditätsvorteile und innovative vernetzte Services.

In unserem Know-how steckt die geballte Kompetenz von mehr als 1.000 Mitarbeiterinnen und Mitarbeitern aus 13 Ländern. Der DKV Euro Service ist Teil der DKV MOBILITY SERVICES Group, die 2018 einen Umsatz von 8,6 Milliarden Euro erwirtschaftete.