Information Security Officer / Information Security Manager

auxmoney GmbH
Düsseldorf, Germany
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English, German
Experience level
Intermediate

Job location

Remote
Düsseldorf, Germany

Tech stack

Amazon Web Services (AWS)
Azure
Cloud Computing
Cloud Computing Security
Computer Security
DevOps
Monitoring of Systems
Identity and Access Management
Key Management
Network Security
Cloud Services
Service-Oriented Architecture
Security Information and Event Management
Software Vulnerability Management
Data Logging
Information Security Management System
Information Technology
Patch Management
Devsecops

Job description

Düsseldorf, Nordrhein-Westfalen, 40213 Vollzeit Your new team:

Do you enjoy building security programs that engineers actually like to use? At auxmoney, you will shape information security with real authority and direct access to decision makers.

As our Information Security Officer / Information Security Manager (m/f/d), you will report directly to the CTO and lead our DevSecOps Engineer. You will partner with engineering and platform teams to embed security into everyday workflows, from cloud guardrails and monitoring to incident response and audit readiness. If you combine structure with pragmatism and like turning requirements into clear, actionable standards, this role gives you the scope to make it happen. What you can expect:

  • Continuous Security Posture Improvements: Take full ownership of our information security strategy, designing and implementing security processes to create a strong foundation for the future.
  • ISMS & Compliance: Develop and enhance our Information Security Management System (ISMS) while ensuring compliance with frameworks like ISO 27001/27002 and the NIST Cybersecurity Framework.
  • Security Advisory & Support: Act as the go-to expert for security-related topics, supporting product, engineering, and IT infrastructure teams.
  • Threat Monitoring & Incident Response: Oversee and enhance our security monitoring and patch management processes, ensuring rapid detection and mitigation of threats.
  • Cloud Security Optimization: Drive cloud security improvements across AWS and Microsoft Azure, ensuring robust protection of our cloud infrastructure.
  • SIEM & Infrastructure Security: Support and optimize security monitoring systems and integrate new tools into our SIEM solution.
  • Research & Awareness: Stay ahead of emerging security threats, vulnerabilities, and attack techniques, while implementing security awareness training to foster a security-conscious culture.
  • Flexible Work Setup: Whether in our modern office or fully remote, you decide how to best balance work and private life.

Requirements

  • Leadership Experience: At least 3 years of proven leadership experience, including managing and developing team members, setting goals, and driving execution across multiple stakeholders.
  • ISMS Operations & Risk Management: Proven experience (at least 3+ years) in operating and continuously improving an ISMS (based on ISO 27001), including security risk assessments, risk treatment plans, Statement of Applicability (SoA), and audit readiness (internal/external).
  • Security Program & Roadmap Ownership: Ability to drive continuous security posture improvements through a structured security roadmap, prioritization, and measurable security KPIs/KRIs.
  • AWS & Azure Cloud Security & DevSecOps Knowledge: 3+ years of practical experience in securing AWS and Microsoft Azure environments and implementing security best practices in DevOps workflows (e.g., IAM, logging/monitoring, network security, key/secrets management, secure baselines/guardrails).
  • Security Monitoring & SIEM Experience: Experience with security monitoring and SIEM operations, including onboarding log sources, developing/tuning detection rules and alerts, and integrating new security tools into SIEM workflows.
  • Incident Response & Crisis Management: Hands-on experience in building and running incident response processes (playbooks, triage, coordination, post-incident reviews) to ensure rapid detection, containment, and recovery.
  • Vulnerability & Patch Management Expertise: Practical experience in establishing and improving vulnerability management and patch management processes, including prioritization, remediation tracking, and exception handling.
  • Security Awareness & Training: Experience in designing and delivering security awareness initiatives (trainings, guidelines, campaigns) to build a security-conscious culture across the organization.
  • Communication & Collaboration Skills: You are a team player who can effectively communicate security principles to both technical and non-technical stakeholders.
  • Analytical & Solution-Oriented Mindset: You thrive in a fast-paced environment, balancing multiple projects while maintaining a detail-oriented approach.
  • Language Skills: Proficiency in German and English, both written and spoken.

Benefits & conditions

  • Flexibility for Your Lifestyle: Enjoy family-friendly working hours and a generous home office policy, allowing you to stay agile and flexible in any situation.
  • Ergonomic Work Environment: For your office days, we provide ergonomic workstations that offer you a comfortable and healthy workspace.
  • Independent Work: With short decision-making paths, we enable you to work autonomously and actively contribute your ideas - we provide space for you to take on responsibility.
  • Grow with Us: Unlock your potential with numerous opportunities for growth and development, along with an annual development budget to help you achieve your professional and personal goals.
  • Team Spirit: Team spirit is important to us - we regularly host events and parties where fun is guaranteed.
  • Mobility Your Way: Whether you prefer a train ticket or parking - we support your choice of preferred mobility.
  • Stay Active: Keep fit with a discounted membership at Fitness First or Urban Sports Club, or use our in-house fitness room to stay active after work and enhance your work-life balance.
  • Secure Your Future: Think about your future - we offer subsidies for company pension plans so you can plan long-term with us.
  • Tailored Benefits: We consider your personal life situation - whether you're a parent or love to travel, we offer customized benefits to suit your lifestyle.

About the company

You are passionate about agile work and would like to create every day differently? Then you are exactly right with us! We are auxmoney - one of the most successful Fintech companies in Germany and the largest credit marketplace in Continental Europe. Private and institutional investors invest directly in pre-approved loans via auxmoney. As a company, we combine the start-up mentality with the security of a successful Grown-Up. Together we work at our locations in Düsseldorf, Budapest and Dublin. Thanks to flat hierarchies and a diversity of creative and development opportunities, you can achieve excellent results on your own responsibility and work on exciting projects. You can simplify processes and products and thus actively shape auxmoney as a company in a sustainable manner. Regardless of whether you are an intern or a manager: everyone makes a valuable contribution at auxmoney. You are also welcome to visit us on our social media channels to gain a better impression of us.

Apply for this position