Information Security Manager (m/f/d)
Job Description
Our security team ensures that visitors to our online store have a safe shopping experience and that their data, as well as that of ABOUT YOU CLOUD customers, is processed securely with us. In addition, the team also protects our corporate data as well as our employees' devices. Protecting customer and company information is an important corporate building block for us, so our team is passionate about constantly improving this. Our goal is to create a secure environment without limiting or slowing down business processes.
We are looking for an Information Security Manager (m/f/d) - onsite or remote within the EU to support our security team in scaling IT security at ABOUT YOU to the maximum.
What you will do
- Conducting risk analyses as well as supporting the mitigation compliance issues
- Implementation of processes with the legal department and affected IT teams, e.g., regarding new data protection laws (DSGVO)
- Responsibility for our own ISMS system, as well as its further development
- Creation and implementation of guidelines and process descriptions with internal and external stakeholders, e.g., maintaining authorization and deletion concepts
- Collaboration and preparation of data for internal and external IT audits
- Direct collaboration with management, legal department, and external data protection officer(s)
- Agile working in a motivated, international and young security team
Who you are
- A successfully completed degree in (business) informatics, a comparable IT-related course of study, or an apprenticeship as an IT specialist (system integration) with a corresponding focus or practical work experience in the professional field
- Deep understanding of general data protection legislation, e.g. DSGVO, and information security standards and frameworks such as ISO 27001 (ISMS) / CIS18 / NIST, PCI DSS, COBIT, ITIL, etc.
- Strong understanding of IT-security risk frameworks such as ISO 27005 or BSI 200-3, including how to identify and measure and control risks within an organization
- Project management and stakeholder skills, capable of encouraging other departments and colleagues to adopt security best practices and methods
- The ability to develop creative solutions and to realize benefits as quickly as possible according to the 80/20 principle
- Ability to work independently, being hands-on and coordinate tasks between different teams.
- Fluent English communications skills
Nice to have
- Understanding of the cloud-native tech stack
- Hands-on experience with incident response processes
- Experience within the e-commerce sector
YOU ARE THE CORE OF ABOUT YOU
We take responsibility for creating an inclusive and exceptional environment where all genders, nationalities and ethnicities feel welcomed and accepted exactly as they are. We believe that a diverse workforce essentially contributes to the ABOUT YOU culture. In order to maintain talent and diversity, we emphasize the care for physical health, mental health and overall well-being. Our values and work ethics essentially contribute to our brand mission: empower acceptance and shape an inclusive, fair and circular fashion culture.
We are looking forward to receiving your application – preferably via our online application portal! This way, we can ensure a faster process and for you it is very easy to upload your application documents.