Information Security Engineer (m/f/d)

Are you excited to develop a best-in-class information security program? Do you want to help protect the private data of your colleagues, customers, and partners? Then apply now as an Information Security Engineer (m/f/d) for our team!

• Analysis: You use industry standard Cybersecurity Frameworks to perform security controls gap analyses and provide recommendations for improvements and remediations.

• Assessment: You conduct security audits, vulnerability scans, and risk assessments to develop a risk register and mitigation strategy.

• Documentation: You lead or support the development and maintenance of security policies, procedures, and standards to support the confidentiality, integrity, and availability of our systems and data.

• Implementation and Maintenance: You design and implement security controls, processes, and systems that protect our systems and data and improve our security posture.

• Monitor and Investigate: You participate in security incident investigations by monitoring and analyzing security logs and alerts, summarizing the data, establishing a timeline of the attack, providing guidance for containment, eradication, and recovery, and participating in post-incident activities.

• Development: You stay up-to-date with the current threat landscape, trends in the industry, and vulnerability management techniques.

• Education: You have completed a training or internship program in Information Security or have a university degree. Certifications such as the ISC2 CISSP/CCSP, ISACA CISM/CCSP, or CompTIA Security+ are a plus.

• Professional Experience: You have 3+ years of professional experience in information security.

• Know-How: You have good knowledge of implementing and maintaining at least one major cybersecurity framework (e.g. ISO27001, NIST CSF, CIS Controls, etc.).

• Skills: You have hand-on experience with performing security analysis, security incident response and investigation, and security control development and management.

• Working style: You work reliably, independently and produce high-quality work.

• Language skills: You have professional proficiency in English (German is a plus).

• GAP Analysis: You will perform a GAP analysis against a major cybersecurity framework, present your findings, and develop a risk register to prioritize and track the remediation plan.

• Audit: You will conduct a privilege audit against our core systems and make recommendations to reduce the potential attack surface.

• Security Development: You will collaborate as part of the EGYM Systems and Infrastructure team to deploy the first phase of a Role-based Access Control system and process.

• Modern Culture: Be part of a modern and international company culture where talent and passion are welcomed, heard, and part of the decision-making process.

• Continuous Development: Develop your skills with varied, challenging tasks and regular feedback for a steep learning curve.

• Work-Life-Balance: Benefit from flexible working hours, a hybrid workplace model and 30 days of vacation per year.

• Fit & Healthy: Train for free with EGYM Wellpass in several thousand sports and health facilities across Germany, or alternatively use our in-house gym with EGYM products.

• Mobility: Enjoy a monthly travel subsidy of 45€ for public transport.

• Discounted Offers: Enjoy a variety of great discounted offers, from fashion to leisure, through our employee benefits portal.

• Bike Leasing: Stay active with our leasing bike offer for your commute or in your spare time.

• Subsidized Pension: Profit from our employer-subsidized pension.

Upload your documents (CV, salary expectations and earliest possible start date) and specify the job ID #1746.

Contact Person: Marco Ohde

For more information: https://career.egym.com/