[Hiring] Information Security Officer / Information Security Manager @auxmoney GmbH

Role Description

Do you enjoy building security programs that engineers actually like to use? At auxmoney, you will shape information security with real authority and direct access to decision makers. As our Information Security Officer / Information Security Manager (m/f/d), you will report directly to the CTO and lead our DevSecOps Engineer. You will partner with engineering and platform teams to embed security into everyday workflows, from cloud guardrails and monitoring to incident response and audit readiness. If you combine structure with pragmatism and like turning requirements into clear, actionable standards, this role gives you the scope to make it happen.

• Continuous Security Posture Improvements: Take full ownership of our information security strategy, designing and implementing security processes to create a strong foundation for the future.
• ISMS & Compliance: Develop and enhance our Information Security Management System (ISMS) while ensuring compliance with frameworks like ISO 27001/27002 and the NIST Cybersecurity Framework.
• Security Advisory & Support: Act as the go-to expert for security-related topics, supporting product, engineering, and IT infrastructure teams.
• Threat Monitoring & Incident Response: Oversee and enhance our security monitoring and patch management processes, ensuring rapid detection and mitigation of threats.
• Cloud Security Optimization: Drive cloud security improvements across AWS and Microsoft Azure, ensuring robust protection of our cloud infrastructure.
• SIEM & Infrastructure Security: Support and optimize security monitoring systems and integrate new tools into our SIEM solution.
• Research & Awareness: Stay ahead of emerging security threats, vulnerabilities, and attack techniques, while implementing security awareness training to foster a security-conscious culture.

Qualifications

• At least 3 years of proven leadership experience, including managing and developing team members, setting goals, and driving execution across multiple stakeholders.
• Proven experience (at least 3+ years) in operating and continuously improving an ISMS (based on ISO 27001), including security risk assessments, risk treatment plans, Statement of Applicability (SoA), and audit readiness (internal/external).
• Ability to drive continuous security posture improvements through a structured security roadmap, prioritization, and measurable security KPIs/KRIs.
• 3+ years of practical experience in securing AWS and Microsoft Azure environments and implementing security best practices in DevOps workflows (e.g., IAM, logging/monitoring, network security, key/secrets management, secure baselines/guardrails).
• Experience with security monitoring and SIEM operations, including onboarding log sources, developing/tuning detection rules and alerts, and integrating new security tools into SIEM workflows.
• Hands-on experience in building and running incident response processes (playbooks, triage, coordination, post-incident reviews) to ensure rapid detection, containment, and recovery.
• Practical experience in establishing and improving vulnerability management and patch management processes, including prioritization, remediation tracking, and exception handling.
• Experience in designing and delivering security awareness initiatives (trainings, guidelines, campaigns) to build a security-conscious culture across the organization.
• You are a team player who can effectively communicate security principles to both technical and non-technical stakeholders.
• You thrive in a fast-paced environment, balancing multiple projects while maintaining a detail-oriented approach.
• Proficiency in German and English, both written and spoken.

Benefits

• Enjoy family-friendly working hours and a generous home office policy, allowing you to stay agile and flexible in any situation.
• For your office days, we provide ergonomic workstations that offer you a comfortable and healthy workspace.
• With short decision-making paths, we enable you to work autonomously and actively contribute your ideas – we provide space for you to take on responsibility.
• Unlock your potential with numerous opportunities for growth and development, along with an annual development budget to help you achieve your professional and personal goals.
• Team spirit is important to us – we regularly host events and parties where fun is guaranteed.
• Whether you prefer a train ticket or parking – we support your choice of preferred mobility.
• Keep fit with a discounted membership at Fitness First or Urban Sports Club, or use our in-house fitness room to stay active after work and enhance your work-life balance.
• Think about your future – we offer subsidies for company pension plans so you can plan long-term with us.
• We consider your personal life situation – whether you're a parent or love to travel, we offer customized benefits to suit your lifestyle.

Company Description

At auxmoney, we offer you the opportunity to build and lead a security function in a dynamic, innovative environment where security is a top priority. If you're looking for a role where you can take ownership and drive meaningful change, apply today and help us create a secure future!

For us as an employer, equal opportunities and diversity are especially important. Therefore, we welcome applications from mothers, fathers, people with disabilities and people from the LGBTQIA+ community. Please feel free to let us know if, for example, you would like us to use a gender-neutral pronoun, if you need barrier-free access to our office, or if you would like us to allow more time for the application process.