‹ Back to search results
Information Security Assurance Manager
Germany - Berlin
to €65K per Year
Our client believes that everyone can turn their passion into a career! With our cloud-based SaaS platform solution elopage.com, we offer people the opportunity to create and sell digital products and online courses quickly and easily.
Our story started in 2015. For the first 5 years of our existence, we grew organically and became a profitable company with around 60 employees. Then, in September 2021, we raised $38 million in series A funding, led by Target Global and with participation from Partech Ventures and Avid Ventures. Since then we have doubled in size to 120 people and we want to double in size again this year, whilst expanding internationally.
We are seeking an Information Security Assurance Manager whose role will be to support the design, deployment, and day to day operations of company wide Information Systems security technologies as well as programs deployed across the EP technology landscape. The role operates in collaboration with other Technology teams to assess, improve and maintain the overall security posture of application delivery, IT Infrastructure, and the protection of data assets. The role will have the critical function of integrating into the software development communities in order to ensure Information Assurance requirements and security best practice are addressed as part of the software development lifecycle across elopage's application landscape.
- Leads identity and access management efforts in accordance with security policies, standards, guidelines, and operational procedures.
- Implements and troubleshoots the user account lifecycle to provision, maintain and terminate user accounts across multiple directories, applications, platforms and networks
- Administers periodic access reviews and supports internal audits of access controls. Identifies potential weaknesses and opportunities for corrective action. Designs role-based access controls.
- Develops workflows and process documentation.
- Identifies potential non-compliance situations and informs department leadership.
- Serves as a leading customer interface for the Information Security Department.
- Experience applying risk management frameworks such as NIST 800-37 is required.
- Utilizes automated Governance, Risk and Compliance tools to track artifacts of the risk management lifecycle.
- Analyzes, designs, and implements business processes and requirements to ensure compliance with security policies and procedures. In accordance with approved security frameworks, advises information security colleagues and business clients on information security requirements, compliance responsibilities and methods to protect resources and sensitive information.
- Reviews internal, government, academic and commercial sources of information to anticipate new security compliance requirements and identify advancements to best practices for protecting resources and information.
- Drafts local policies, standards, guidelines and procedures to supplement enterprise security frameworks.
- Prepares reports on compliance status and contributes to security breach reporting activities
- 3 years of direct information security experience in a global IT environment supporting at least 4 of the 10 security domains
- University degree (or equivalent experience) in Computer Science, Development, Engineering, or another technical field
- Experience working with current and emerging development methodologies
- Experience in application development, software development life cycle, and CI/CD pipelines
- Experience using source control systems
- Detailed functional knowledge of OWASP principles for protecting modern web applications
- Functional knowledge of container technologies, Kubernetes and Docker is a plus
- Experience with Checkmarx SAST, SD Elements Threat Modeling, and JIRA
- Experience with security task automation using scripting languages such as Python
- Working knowledge of hardware and software (cloud) based network technologies including next generation firewalls, web application firewalls, and AWS security groups, VPCs in a global IT environment
- Working knowledge of virtualized server technologies, Microsoft Active Directory including Azure, Windows and Linux operating systems
- Working knowledge of defensive security technologies such as SIEM, behavioral/data analytics, IDS/IPS, anti-malware, encryption, and vulnerability management
- Experience in log analysis and correlation
- Strong customer service, written, and oral communication skills
- Ability to maintain security as well as confidentiality when dealing with sensitive information for a global environment
- Ability to prioritize tasks in order to meet deadlines and deliver measurable results
- Ability to collaborate with team members as well as non-team members to support a multi-site customer base that extends globally
- Experience in developing as well as implementing support and administration procedures
We believe that everyone can turn their passion into a career. With our cloud-based SaaS platform solution elopage.com, we offer everyone the opportunity to create and sell digital products and online courses quickly and easily.
- Paid Time Off - 30 Vacation Days
- Personal Training & Development
- Responsibility and trust from day 1
- Individual coaching and further training to support you in your development
- A free BVG ticket
- Employee discounts at numerous companies (e.g. at the gym or in online stores)
- A Culture of equity and Inclusion where you are appreciated for the person you are