• Develop, implement and monitor a strategic, comprehensive information security and IT risk management program
  • Brief and assist the company’s management regarding the information security matters
  • Controls and coordinates the information security processes within the company
  • Managing the daily operation and implementation of the IT security strategy
  • Supervise the implementation to achieve/maintain ISO 27001 certification
  • Perform IT security risk assessments and risk management
  • Develop and enhance an information security management framework
  • Supervise IT services provided by internal/external suppliers
  • Schedule and perform periodic security audits
  • Active involvement in relevant IT projects
  • Contact person for any information regarding security details (both within the company or any other party interested)
  • Perform continuous assessment of current IT security practices and systems and identify areas for improvements
  • Review security policies, analysis of potential threats and incident response planning
  • Overseeing incidents and breaches investigations and determine what caused the incidents
  • Develop, control and coordinate reporting tools/means regarding security information for upper management
  • Company representative regarding security information in relation to authorities, associations and other companies
  • Complying with the latest regulations and compliance requirements
  • Championing and educating the organisation about the latest security strategies and technologies
  • Continuous professional education in regards to security information

Apply for this position

Apply for this position


  • Analytical mind capable of managing numerous information sources and providing data analysis reports to senior management
  • Ability to adapt to a fast-moving IT landscape and keep pace with latest thinking and new security technologies
  • Technical knowledge of techniques, standards and capabilities for secure communications, authentication and authorization, cryptography, security vulnerabilities and remediation
  • Good communication, documentation and presentation skills – providing verbal and written communication that is outstanding to both direct reports and senior management as well as other stakeholders
  • Strong customer focus – able to meet the demands of internal and external customers
  • Adequate knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures) and of network/web related protocols
  • Regulatory compliance knowledge
  • Flexible and adaptable – capable of changing direction where required and showing flexibility to meet new demands
  • Can make decisions that are well informed and timely
  • Creative thinking – able to look at alternatives and consider new ways of thinking to problem solve
  • Multi-tasking – can manage several concurrent projects and prioritise demands
  • Experience in Agile (scaled) software development or other best in class development practices.
  • Experience with Cloud computing across virtualized environments is a plus.

Why should you join our team?

Professional challenge

We work with technologies like Java, Angular, DevOps, JSF, Microsoft.NET, Ionic, Solr, Docker, Spring Cloud or Amazon Web Services in order to develop apps for the German medical system. Between challenging projects and state of-the-art technologies, there’s always something new to explore and learn.

Personal freedom

We don’t count your breaks, the time you take for your morning coffee or the minutes you spend in the relaxation room, on the terrace or playing games with your colleagues. Furthermore, we have flexible office hours. You just need to get the job done in time.

Your new team

In addition to the usual vouchers, medical insurance or sports benefits, our colleagues also appreciate team events, game nights and hiking weekends.

If you are interested please send us your profile at

Share with friends