Head of Information Security (m / f / d)

You'll be fully responsible for the Information Security area, from defining strategy to day-to-day operations, including :

• Developing, maintaining, and reviewing an information security architecture aligned with Spryker's strategies and goals while safeguarding digital assets.
• Conducting risk assessments and devising risk management strategies.
• Creating, updating, and maintaining security policies, procedures, and guidelines.
• Detecting and responding to security incidents and coordinating cross-functional teams to mitigate threats.
• Support various departments, particularly IT, with organizational and technical recommendations for enhancing information security.
• Driving continuous improvement and innovation in existing systems, processes, and procedures.
• Leading information security-related internal and external audits and projects.
• Promoting security awareness and individual responsibility throughout the organization.
• 6+ years of experience in information and cyber security, ideally in a similar international enterprise cloud software environment.
• Solid experience in establishing an Information Security Management System function.
• Knowledge of relevant regulations and standards in information security (e.g., ISO 27001, SOC-2, TISAX, BSI IT Grundschutz, CIS Controls, NIST, PCI-DSS).
• Expertise in cloud systems, preferably AWS.
• Relevant professional certifications include CISSP, CRISC, CISM, ITIL, CISA, or similar.
• A degree in IT security or a related field is advantageous.
• AWS certifications in IT security and Information Security are a plus.
• Pragmatic, proactive, and hands-on approach, with the drive to actively lead change.
• Intellectual curiosity about information security and staying abreast of industry and regulatory developments.
• Confidence and ability to collaborate across all hierarchical levels.
• Business-level proficiency in English and German is mandatory.