Information Security Analyst

Beschreibung

Job Zusammenfassung In dieser Position entwickelst du das Informationssicherheitsmanagement-System weiter, führst Audits durch, identifizierst Risiken und arbeitest eng mit Teams aus Engineering und Product zusammen, um Sicherheitskontrollen zu integrieren. Job Zusammenfassung In dieser Position entwickelst du das Informationssicherheitsmanagement-System weiter, führst Audits durch, identifizierst Risiken und arbeitest eng mit Teams aus Engineering und Product zusammen, um Sicherheitskontrollen zu integrieren. Deine Rolle im Team Evolve the Information Security Management System (ISMS): support and continuously improve PPRO's Information Security Management System, aligned to ISO/IEC 27001:202). You'll independently manage our ISMS to ensure it stays relevant, practical and scales with our growth. Audit & assurance innovation: play a key role in the ISO certification lifecycle, proactively finding ways to integrate continuous control monitoring and automated assurance, leveraging tools like Vanta. Embed native security: collaborate cross-functionally with Engineering and Product teams, working to embed controls seamlessly into daily workflows. Proactive risk management: actively identify risks, maintain the risk register and drive meaningful risk treatment. You'll connect your day-to-day work with PPRO's overall strategy, focusing on the effectiveness of controls rather than checkbox compliance. Customer-centric due diligence: support vendor security reviews and customer due diligence, continually considering the customer's perspective in your decision-making, helping to build trust both internally and externally. Modernise security awareness: design and deliver engaging, data-informed security education and awareness campaigns that change behaviour and cultivate a proactive, security-first culture across PPRO. Champion continuous improvement: continuously challenge the status quo, suggesting innovative ideas for automation and experiment with new technologies (including AI) to enhance risk insight and evidence collection. Unsere Erwartungen an dich Qualifikationen Engineering mindset: you look at manual, repetitive compliance tasks and immediately think about how to automate or streamline them. Familiarity with automation platforms, scripting, or tools like Vanta is a massive plus. Exceptional ownership: you approach your work with a commitment to excellence. You manage your time effectively, anticipate issues before they arise and decide independently how to approach task-related challenges. Nuanced communication: you're comfortable adapting your communication style to engage different stakeholders, translating complex security concepts into actionable, pragmatic insights for developers and business leaders alike, and building empathy and shared understanding. Curiosity and adaptability: you're enthusiastic about acquiring new skills and happy to step out of your comfort zone and adjust ways of working to accommodate team needs in a dynamic environment. Business acumen: you understand the fintech/payments market and competitors, meaning you balance security risks with business reality and speed. Erfahrung Core experience: solid, hands-on experience supporting or running an ISMS aligned to ISO/IEC 27001:2022, along with practical exposure to audits, risk management and control testing. Unser Angebot Hybrid working - We offer a hybrid structure with a 3 days / week on site expectation, so you can strike the balance between office and home working. In addition to our 30-day holiday allowance, we also provide a work from abroad policy, enabling employees to work remotely for up to another 30 days per year. Learning and Development - We offer a €1,000 annual budget to support your professional growth-because investing in your development benefits us all. In addition, we provide leadership cafés, on-the-job training, and other opportunities to help you grow your skills and thrive in your role. Insurance - Because better safe than sorry - we want our employees to benefit from various insurances including accident insurance, disability insurance, direct insurance (bAV) and travel insurance. Gym membership - PPRO helps contribute towards the costs of your gym membership, supporting your physical fitness journey while easing the burden on your wallet. Enhance Family Leave - We understand the importance of family - that's why we offer enhanced family leave to support you during key life moments. Mental Health Platform - We've teamed up with a top well-being platform to provide one-on-one therapy, chat therapy, therapist-led courses, guided meditations, and more. Pet-friendly office - Because work is better with your paw-tners by your side. Benefits Gesundheit, Fitness & Fun 🏋🏿‍♂️ Fitness Angebote Essen & Trinken 🍏 Frisches Obst ☕️ Kaffee, Tee o. Ä Themen mit denen du dich im Job beschäftigst Automation Cyber/Security AI Metadaten Level: Erfahren Job Feld: IT, Security Anstellung: Vollzeit Vertragsart: Unbefristetes Dienstverhältnis Arbeitsmodell: Hybrid, Onsite Unternehmenstyp: Etablierte Firma Branche: Internet, IT, Telekom Ort: Berlin | Deutschland

Tech Stack