Information Security Officer (All genders)

At movingimage, video is what drives us. We are a global leader in delivering secure enterprise video solutions. Simply put, we want to revolutionize the way in which companies use video. Our cloud-based solution is a centralized platform that enables companies to efficiently manage and stream all their video assets for customers, partners, and employees in the best possible quality on any device.

We are seeking a highly skilled Senior PHP Developer who is eager to expand their expertise to full stack development or transition into a Java Developer role within one year.

We move videos. Together with you, we will move even more.

As an Information Security Officer, you’ll take on the following responsibilities:

• Lead our tasks in preparation to our upgrade from ISO 27001:2013 to ISO 27001:2022
• Develop, implement, and monitor a robust integrated management system aligned with ISO 27001, ISO 9001, ISO 20000-1, and TISAX requirements
• Facilitate regular internal and external audits to ensure compliance with industry standards and assist in maintaining our certifications
• Lead and support audit processes, managing responses to findings and implementing corrective actions to continuously improve our security posture
• Create and maintain detailed security documentation, including policies, procedures, risk assessments, and incident response plans
• Conduct thorough risk assessments across the organization to identify potential vulnerabilities and recommend mitigation strategies
• Collaborate with DevSecOps and Engineering teams to embed security protocols and practices within the product development lifecycle
• Stay informed of emerging cybersecurity threats and vulnerabilities, developing proactive measures and responses to mitigate risks
• Cultivate a strong cybersecurity culture by developing and delivering security awareness programs, training sessions, and educational resources for all employees
• Promote a security-first mindset, ensuring that security considerations are embedded in all areas of the business and throughout each project’s lifecycle
• Facilitate cross-departmental collaboration to enhance understanding and adherence to security practices
• Conduct risk assessments for new and existing vendors to ensure compliance with the organization’s security policies and standards
• Review vendor security posture to align with our security requirements, certifications, and regulatory compliance needs
• Maintain an active register of third-party vendors and perform regular security reviews to monitor ongoing compliance and risk
• Facilitate post-incident reviews, root-cause analysis, and corrective actions to prevent recurrence of security incidents

To thrive in the role as a Information Security Officer, you’ll need:

• Bachelor’s degree in Information Security, Cybersecurity, Information Technology, or related field. Advanced degrees preferred
• Relevant certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor, AZ-500 or other equivalent credentials
• Minimum of 5 years of experience in information security or a related role, preferably within a SaaS or technology environment
• Demonstrated experience in internal and external audits, including maintaining compliance with ISO/IEC 27001, ISO 9001, ISO/IEC 20000-1, and TISAX
• Hands-on experience with risk management, vendor management, and incident response practices
• Knowledge of DevSecOps principles and secure SDLC practices
• Familiarity with different frameworks such as GDPR, DORA, BSI IT Grundschutz, BSI C5, ISO/IEC 27005
• Strong analytical and problem-solving skills, with the ability to make risk-based decisions
• Proven track record in developing and implementing information security policies, standards, and procedures
• Familiarity with security information and event management (SIEM) tools and incident response platforms
• Good working knowledge of Confluence and JIRA

Why you will love working with us:

Culture: We work agile, focusing on cross-team collaboration based on trust and transparency. You are free to introduce your own ideas and make an impact in our diverse and international teams.

Learning & Growth: We support continuous learning through regular 1:1s, feedback conversations, German and English classes and the chance to take part in conferences and trainings.

Balance your Life: We offer flexible working hours adjusted to your schedule. On the top of that, we offer a package of 30 paid vacation days.

Remote-friendly: We have well structured and flexible processes so that we can work from home effectively and enjoy doing it! Hybrid work is the new way of work for us: we combine remote work with some office time to make sure you feel connected & enjoy your freedom at the same time.

Compensation & Benefits: Excellent people deserve great working conditions. We conduct benchmark analyses and run salary cycles regularly to ensure that we pay salaries above the market average. We also offer you a company pension (bAV), which we support with 20%, and subsidize your public transport ticket and Urban Sports Club membership.

Relocation Support: If you are not located in Germany yet, we are happy to support your move with a relocation package to make it as smooth as possible. Besides the package, we also offer administrative support to help with your VISA process etc.