Information Security Lead

Beschreibung

Job Zusammenfassung In dieser Position entwickelst du als Backend-Enginier robuste Systeme in Python/Django und übernimmst die Verantwortung für die Umsetzung der Informationssicherheitsstrategie und ISO 27001-Zertifizierung im Unternehmen. Job Zusammenfassung In dieser Position entwickelst du als Backend-Enginier robuste Systeme in Python/Django und übernimmst die Verantwortung für die Umsetzung der Informationssicherheitsstrategie und ISO 27001-Zertifizierung im Unternehmen. Deine Rolle im Team This is a unique hybrid position sitting within our Infrastructure team. You'll contribute as a hands-on Senior backend Engineer while simultaneously taking ownership of our information security strategy, acting as our de facto CISO. You'll be the go-to person for all security-related topics, bridging the gap between engineering, operations, and leadership. If you love building resilient systems and want your security work to have real company-wide impact, this role is for you. Collaborate with product teams and infrastructure on architecture decisions with a security-first mindset. Design, build, and maintain scalable, secure backend services and APIs in Python / Django. Own and drive TeleClinic's ISO 27001 certification and ongoing compliance, from gap analysis through to audit readiness. Develop, maintain, and enforce the company-wide Information Security Management System (ISMS). Define and implement security policies, standards, and procedures across and with all teams. Lead risk assessments, threat modelling, and vulnerability management. Educate and upskill colleagues on security awareness and best practices. Monitor the threat landscape and proactively address emerging risks relevant to a regulated healthcare environment. Unsere Erwartungen an dich Qualifikationen Solid understanding of network security, identity & access management, encryption, and secure SDLC. Familiarity with healthcare data regulations (GDPR, potentially HIPAA, or German digital health regulations such as DiGA) is a strong plus. Strong communicator who can translate complex security concepts to non-technical stakeholders. Proven track record with cloud infrastructure (AWS, GCP, or Azure) and modern DevSecOps practices is a plus. Fluent in English; German is a plus. Erfahrung 5+ years of Python backend engineering experience. Hands-on experience with ISO 27001, ideally having led or significantly contributed to an implementation or re-certification. Unser Angebot Please note that due to various partnership or legal agreements, some benefits may not be available outside of Germany. Benefits Gesundheit, Fitness & Fun 🚲 Jobrad Essen & Trinken 🥪 Snacks, Süßigkeiten 🍏 Frisches Obst Work-Life-Integration ⏰ Flexible Arbeitszeiten 🏠 Home Office Themen mit denen du dich im Job beschäftigst Cyber/Security HealthTech Metadaten Level: Senior Job Feld: IT, Security, Back End Anstellung: Vollzeit Vertragsart: Unbefristetes Dienstverhältnis Arbeitsmodell: Hybrid, Onsite Unternehmenstyp: Etablierte Firma Branche: Gesundheitswesen, Soziales Ort: München | Deutschland

Tech Stack