Jobright is an AI-powered career platform that helps job seekers discover the top opportunities in the US. We are NOT a staffing agency. Jobright does not hire directly for these positions. We connect you with verified openings from employers you can trust. Job Summary: Beyond Identity is revolutionizing digital access for organizations looking to improve protection against cyber attacks. The Chief Information Security Officer (CISO) will oversee the strategic planning and implementation of cybersecurity programs ensuring alignment with business objectives and leading a high-performing security team to respond to emerging threats. Responsibilities: • Develop implement and manage a comprehensive cybersecurity strategy ensuring alignment with Beyond Identity's business objectives. • Oversee and guide security architecture design and engineering practices within product development processes ensuring security is integrated at every stage. • Lead operational security functions including proactive threat monitoring incident detection and response threat hunting vulnerability management and continuous security posture improvements. • Build and lead a high-performing security team capable of rapid and effective response to emerging threats. • Collaborate closely with engineering product sales and customer success teams to embed security best practices throughout the organization. • Provide thought leadership externally by engaging with customers industry experts and market analysts to drive awareness and adoption of cutting-edge identity security strategies and preventative architectures. • Frequently travel to engage directly with customers and the broader cybersecurity community representing Beyond Identity at conferences industry forums and customer sites. • Maintain a strong understanding of evolving nation-state threats and adversary TTPs ensuring Beyond Identity maintains industry-leading defenses. Qualifications: Required: • Extensive technical cybersecurity expertise with hands-on experience in architecture development and operations of advanced security systems. • Proven experience in senior leadership roles within cybersecurity particularly leading security operations teams in environments targeted by nation-state adversaries. • Demonstrated ability to effectively communicate complex technical security concepts to executive technical and non-technical audiences. • Strong experience with efficient detection and response frameworks incident management and threat intelligence. • Exceptional flexibility adaptability and resilience with the capacity to thrive and deliver results in a fast-paced startup environment. • Comfortable with frequent travel and active engagement in industry forums customer interactions and thought leadership. • Extensive experience and understanding of key compliance regimes including FedRAMP SOC2 PCI DSS CMMC Impact Levels (IL) GDPR NYDFS CDPA and other relevant security and privacy standards. Preferred: • Previous experience at U.S. Cyber Command NSA or equivalent organizations is highly desirable especially roles involving operations against sophisticated threat actors. Company: Beyond Identity provides passwordless identity management solutions to help secure digital business. Founded in 2020 headquartered in New York New York USA team size 51-200 employees currently Growth Stage. Beyond Identity has a track record of offering H1B sponsorships.

Verified Job On Employer Career Site Job Summary: Dentsply Sirona is the world’s largest manufacturer of professional dental products and technologies dedicated to improving dental care. They are seeking a Deputy Chief Information & Security Officer to lead cybersecurity operations focusing on detection response and secure architecture across the enterprise. Responsibilities: • Define and execute a strategy to mature Dentsply Sirona’s Detection and Response capabilities into a modern hybrid Detection and Response organization responsible for 24/7 coverage across enterprise cloud and product ecosystems. • Provide day-to-day leadership and oversight of internal Detection and Response teams while governing MSSP/MDR partners to ensure accountability integration and performance aligned to business needs. • Serve as Incident Commander for major cybersecurity incidents and product-related breaches coordinating both internal and external resources to minimize impact and ensure timely containment and recovery. • Build and maintain tailored detection prevention and response capabilities mapped to the MITRE ATT&CK and D3FEND frameworks spanning IT OT cloud and product telemetry. • Drive automation across detection triage and response using SOAR platforms develop and manage automated playbooks for enterprise and product environments. • Analyze incident trends threat intelligence and operational metrics to identify systemic issues and enable informed decision-making across Cybersecurity and the broader Global Security function. • Oversee documentation governance ensuring all SOC/IR policies procedures runbooks playbooks and engineering standards remain current and aligned with evolving threats compliance and business priorities. • Define and report performance metrics and KPIs for Detection and Response effectiveness including time to detect (TTD) time to respond (TTR) SOC coverage MSSP SLA adherence and product monitoring uptake. • Leadership. Lead by example. Oversee experienced level senior leaders and professionals. Advise team(s) on complex matters. Lead the performance feedback process sets performance and development goals regularly provides feedback. Develop motivate inspire and empower others. Recognize success and make hard decisions. • Mentor coach and grow a high-performance team culture across SOC IR and Security Architecture & Engineering (SAE) ensuring career development and role clarity. • Drive fusion and integration with Product Security Information Technology Legal Privacy and Communications to ensure a unified threat detection and incident response capability across the enterprise and product lines. • Coordinate with product engineering teams and MSSP partners to onboard product telemetry enrich contextual detections and build product-specific IR playbooks. • Engage with external consultants and technical service providers to support escalated investigations penetration tests red team exercises and readiness assessments. • Additional responsibilities as assigned by the CISO to support strategic and operational cybersecurity initiatives. Qualifications: Required: • Bachelor’s degree in Cybersecurity Computer Science Information Technology Engineering or a related technical field (Substitution: 5 years of directly relevant experience may be substituted for a bachelor’s degree) • At least 10 years of experience in cybersecurity operations incident response or security architecture • At least 10 years of experience leading cybersecurity teams including direct leadership of managers and cross-functional teams • Demonstrated experience managing MSSP/MDR providers or operating in a hybrid SOC model • Strong familiarity with NIST CSF 2.0 and NIST SP 800-61 (Incident Handling Guide) • Strong familiarity with MITRE ATT&CK framework • Strong familiarity with CIS Controls v8.1 • Ability to write clear strategy and process documentation and experience championing new initiatives • Ability to lead thru influence bring people together and effectively resolve conflicts • Experience hiring globally managing developing and retaining top cybersecurity talent Preferred: • Master’s degree in Cybersecurity Business Administration (MBA) or a related discipline (Substitution: 10 years of directly relevant experience may be substituted for master's degree) • One or more industry-recognized certifications: CISSP – Certified Information Systems Security Professional CISM – Certified Information Security Manager GIAC certifications (e.g. GCIA GCIH GNFA) OSCP – Offensive Security Certified Professional • Hands-on experience with SOAR platform deployment and playbook development • Hands-on experience with security monitoring for connected products cloud and OT/IoT environments • Familiarity with ISO/IEC 27001 and incident reporting requirements under HIPAA GDPR SEC or FDA 524B • Ability to lead effectively under pressure and during high-impact cyber incidents • Ability to communicate technical concepts to non-technical and executive stakeholders • Ability to align day-to-day operations with strategic cybersecurity and business objectives • Ability to collaborate across IT product engineering legal compliance and business teams • Ability to build scalable and continuously improving detection and response capabilities • Ability to prioritize and manage multiple competing demands in a global enterprise environment • Deep understanding of cybersecurity operations incident response and threat detection methodologies • Expertise in cybersecurity frameworks such as NIST CSF 2.0 NIST SP 800-61 MITRE ATT&CK MITRE D3FEND and CIS Controls v8.1 • Strong knowledge of SIEM SOAR EDR/XDR IAM and network defense technologies • Familiarity with secure cloud and hybrid architecture including AWS and Azure • Understanding of regulatory and industry standards (HIPAA GDPR ISO/IEC 27001 FDA 524B) • Awareness of product security risks telemetry integration and monitoring for connected or regulated devices • Leadership and team development including direct management of managers and cross-functional technical teams • Advanced incident handling and cyber crisis management including executive-level communication • MSSP/MDR management and hybrid SOC operations oversight • Detection engineering and threat analysis across enterprise and product environments • SOAR platform integration and automation of response playbooks • Development and maintenance of response documentation runbooks and playbooks • Operational metrics analysis and data-driven decision-making • Program and project management in complex fast-paced environments • Ability to lead effectively under pressure and during high-impact cyber incidents • Ability to communicate technical concepts to non-technical and executive stakeholders • Ability to align day-to-day operations with strategic cybersecurity and business objectives • Ability to collaborate across IT product engineering legal compliance and business teams • Ability to build scalable and continuously improving detection and response capabilities • Ability to prioritize and manage multiple competing demands in a global enterprise environment • Strategic Thinking – Applies experience knowledge and perspective of business and external or global factors to create new perspectives and fresh thinking. • Understands current skills developments and trends in the industry uses this information to anticipate and problem solve for customer needs. • Adheres to the requirements standards and regulations that govern the way we do business. • Is authentic and transparent even when it means admitting knowledge gaps or mistakes. • Internationally and culturally aware • Experience with communications and change management. • Strategic focus with the ability to also operate tactically when needed • Exceptional Analytical thinking with effective judgment and decision-making capabilities • A positive approach and a can-do attitude in a fast-paced environment. Company: Dentsply Sirona is a manufacturer of dental products and technologies. Founded in 1899 the company is headquartered in Charlotte North Carolina USA with a team of 10001+ employees. The company is currently Public Company. Dentsply Sirona has a track record of offering H1B sponsorships.

Job Summary The Chief of Information Security and Security Officer (CISO) is responsible for providing leadership and operational excellence for developing and supporting security initiatives and policies along with developing strategies to protect sensitive data managing security risks investigating and remediating security incidents and promoting security awareness and compliance across the organization. The CISO acts as the primary contact for security-related matters and serves as the organization's HIPAA Security Officer. Targeted compensation range for this role is $180000-$220000. Job Responsibilities Leadership & Strategy: Develop and manage a comprehensive information security and risk management program aligned with business objectives and regulatory requirements. Serve as the organization's HIPAA Security Officer and lead all activities related to ensuring the security of protected health information (PHI). Collaborate with executive leadership legal compliance and IT teams to integrate security into all aspects of operations and technology. Serves in a leadership capacity in the execution of the organizations Cyber Incident Response plan coordinating action communication and mitigation efforts in conjunction with Executive Leadership. Keep current with emerging security trends conduct research and make recommendations for improvements to current processes. Advise counsel and educate executive and management teams on technology’s relative importance and financial impact. Governance Risk & Compliance Establish implement maintain and audit information security policies procedures and controls in accordance with PathGroup’s Compliance Program federal laws and industry-standard best practices. Conduct regular risk assessments and security audits to identify vulnerabilities and recommend mitigations. Oversee security incident response planning and investigation of security breaches including documentation and reporting. Work closely with the Chief Information Officer and Privacy Officer to develop and administer security awareness training for all employees and contractors. Security Operations Lead strategic security and incident response planning to achieve business goals by prioritizing defense initiatives through the deployment monitoring maintenance development and upgrading of current and future security tools technologies and systems. Ensure regular risk assessments penetration testing and remediation efforts are conducted on a regular and timely basis. Monitor and analyze network and system activity for anomalies and trends to prevent and remediate security incidents in a timely manner. Work with IT to implement secure system configurations and DevSecOps practices. Third-Party Vendor And Client Management Evaluate third-party vendors and partners for security and compliance posture. Complete all required security assessments from existing or prospective clients. Participate in contract negotiations to ensure appropriate security requirements and data protection terms are in place. Management Manage the employee hiring process including developing and updating job descriptions developing performance expectations identifying essential functions and knowledge skills and abilities required for applicable positions and selecting and assigning staff. Supervise and manage employee and team performance by coaching counseling motivating and evaluating employees on a continual basis. Implement disciplinary action as needed and in consultation with Human Resources. Coordinate team projects schedule work assignments set priorities and direct the work of subordinate employees. Ensure effective employee relations by sustaining an ethical non-discriminatory and safe work environment and establishing effective communication lines and methods. Identify and solve employee problems manage conflict and respond to grievances as needed. Perform all job responsibilities in alignment with the industry’s best security practices and regulatory guidelines to protect confidentiality integrity and availability of protected health information and other sensitive company data. Must be familiar with and abide by the Corporate Compliance Program and all Corporate policies including the Privacy and Security policies. Non-essential Functions Nothing in the job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time. Other duties as assigned

Job Summary The Chief of Information Security and Security Officer (CISO) is responsible for providing leadership and operational excellence for developing and supporting security initiatives and policies along with developing strategies to protect sensitive data managing security risks investigating and remediating security incidents and promoting security awareness and compliance across the organization. The CISO acts as the primary contact for security-related matters and serves as the organization's HIPAA Security Officer. Targeted compensation range for this role is $180000-$220000. Job Responsibilities Leadership & Strategy: Develop and manage a comprehensive information security and risk management program aligned with business objectives and regulatory requirements. Serve as the organization's HIPAA Security Officer and lead all activities related to ensuring the security of protected health information (PHI). Collaborate with executive leadership legal compliance and IT teams to integrate security into all aspects of operations and technology. Serves in a leadership capacity in the execution of the organizations Cyber Incident Response plan coordinating action communication and mitigation efforts in conjunction with Executive Leadership. Keep current with emerging security trends conduct research and make recommendations for improvements to current processes. Advise counsel and educate executive and management teams on technology’s relative importance and financial impact. Governance Risk & Compliance Establish implement maintain and audit information security policies procedures and controls in accordance with PathGroup’s Compliance Program federal laws and industry-standard best practices. Conduct regular risk assessments and security audits to identify vulnerabilities and recommend mitigations. Oversee security incident response planning and investigation of security breaches including documentation and reporting. Work closely with the Chief Information Officer and Privacy Officer to develop and administer security awareness training for all employees and contractors. Security Operations Lead strategic security and incident response planning to achieve business goals by prioritizing defense initiatives through the deployment monitoring maintenance development and upgrading of current and future security tools technologies and systems. Ensure regular risk assessments penetration testing and remediation efforts are conducted on a regular and timely basis. Monitor and analyze network and system activity for anomalies and trends to prevent and remediate security incidents in a timely manner. Work with IT to implement secure system configurations and DevSecOps practices. Third-Party Vendor And Client Management Evaluate third-party vendors and partners for security and compliance posture. Complete all required security assessments from existing or prospective clients. Participate in contract negotiations to ensure appropriate security requirements and data protection terms are in place. Management Manage the employee hiring process including developing and updating job descriptions developing performance expectations identifying essential functions and knowledge skills and abilities required for applicable positions and selecting and assigning staff. Supervise and manage employee and team performance by coaching counseling motivating and evaluating employees on a continual basis. Implement disciplinary action as needed and in consultation with Human Resources. Coordinate team projects schedule work assignments set priorities and direct the work of subordinate employees. Ensure effective employee relations by sustaining an ethical non-discriminatory and safe work environment and establishing effective communication lines and methods. Identify and solve employee problems manage conflict and respond to grievances as needed. Perform all job responsibilities in alignment with the industry’s best security practices and regulatory guidelines to protect confidentiality integrity and availability of protected health information and other sensitive company data. Must be familiar with and abide by the Corporate Compliance Program and all Corporate policies including the Privacy and Security policies. Non-essential Functions Nothing in the job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time. Other duties as assigned

We are looking for a virtual cybersecurity or compliance expert to guide our security posture particularly as we move into regulated spaces like auto-financing. The role is ideal for someone with extensive regulatory familiarity and previous experience operating in a strategic advisory capacity. ➡ Key Responsibilities ➡ Lead compliance audits aligned with KSA regulations especially SAMA frameworksReview and implement data security strategies across departmentsSupport regulatory submissions and responses for fintech operationsOversee documentation and data protection practicesCoordinate with product and legal teams to maintain standards Ideal Profile ➡ Saudi national 6+ years experienceDeep understanding of SAMA regulatory requirements and KSA cybersecurity lawPrior role as vCISO or senior security/compliance consultantExperience operating through or with an agency setup (ideal)Familiarity with ISO 27001 NIST SOC 2 compliance standardsAbility to lead cross-functional audit and compliance efforts across departments ➡

This well-established and innovative healthcare technology company focused on improving the health and wellness industry is looking to expand their team with a Chief Information Security Officer (CISO) to oversee the company’s cybersecurity application security and risk management strategies. This remote role offers the opportunity to develop and implement a comprehensive security plan and ensures the security and privacy of client data while aligning with the business’s growth. Required Skills & Experience 12-15+ years of experience building and scaling information security risk management and compliance programs within large complex organizations. Previous experience as a CISO or equivalent in a SaaS company or healthcare provider with a preference for candidates with prior experience in digital health. Deep expertise in security privacy and IT audit frameworks such as HITRUST CSF HIPAA and PCI regulations. Extensive experience with risk management incident response crisis management threat intelligence and developing secure business practices. Strong experience in technical security areas including penetration testing vulnerability management mobile security cloud security and network security. Knowledge of secure coding practices identity and access management (IAM) and security incident response. Proven ability to communicate complex security concepts to executive leaders customers and other non-technical audiences. Experience with high-velocity software deployment environments and the ability to drive security practices in agile organizations. Demonstrated people management skills with the ability to motivate mentor and grow a team of security professionals. A passion for helping private practices thrive in the mental wellness space. Bachelor's degree in a related field advanced certifications such as CISSP CISM or CISA are preferred. What You Will Be Doing Tech Breakdown 40% Cybersecurity & Application Security Strategy – Developing and executing long-term security vision strategy and roadmap aligned with company growth and product goals. 30% Risk Management & Compliance – Overseeing risk evaluations and implementing a robust risk management framework to mitigate security risks. 20% Team Leadership & Culture – Leading a team of security professionals and promoting a culture of security across the organization. 10% Incident Response & Crisis Management – Managing 24x7 security operations security architecture and contingency plans. Daily Responsibilities 60% Oversee and execute the company’s cybersecurity and application security initiatives ensuring data privacy and integrity for customers. 25% Manage security compliance including ensuring HIPAA HITRUST and PCI regulations are met and certifications are maintained. 15% Provide thought leadership on security operations and advocate for the adoption of secure practices across teams. The Offer Bonus OR Commission eligible You Will Receive The Following Benefits Medical Dental and Vision Insurance Vacation Time Stock Options Posted By: Shawnette Beserra

Die Finanzen.net Gruppe ist ein innovatives FinTech-Unternehmen das private und professionelle Anleger bei ihren Investitionsentscheidungen unterstützt. Zur Gruppe Gehören finanzen.net – eines der führenden Finanzinformationsportale in der DACH-Region finanzen.net ZERO – ein Neobroker für kostengünstigen Wertpapierhandel TraderFox – ein Anbieter von Finanzinformationen und Trading-Tools für semi-professionelle Investoren und die die es werden wollen Unsere Vision Ist We strive to be the best partner for our customers on their investment journey Anfang 2025 wurde die Finanzen Gruppe von Inflexion einer führenden europäischen Private-Equity-Gesellschaft im Mid-Cap-Segment übernommen. Inflexion unterstützt ambitionierte Management-Teams dabei wachstumsstarke Unternehmen weiterzuentwickeln und nachhaltig zu skalieren. Im Zuge der Übernahme werden die bislang eigenständig geführten Geschäftseinheiten strategisch zusammengeführt. Durch diese Neuausrichtung und die starke Innovationskraft der Gruppe entstehen neue Wachstumschancen um die Marktposition als führende Investment-Plattform weiter auszubauen. Um die Wachstumsstrategie und das Wertsteigerungsprogramm erfolgreich umzusetzen suchen wir engagierte Talente die diesen Wandel aktiv mitgestalten möchten Aufgaben Als CISO übernimmst du die volle Verantwortung für unsere Informationssicherheitsstrategie. Du arbeitest direkt mit der Geschäftsführung Tech- und Compliance-Teams zusammen um ein sicheres skalierbares und regulatorisch konformes Umfeld aufzubauen. Aufbau und Weiterentwicklung unseres Information Security Management Systems (ISMS) Entwicklung und Umsetzung einer ganzheitlichen Cybersecurity-Strategie Durchführung von Risikobewertungen und Bedrohungsanalysen Verantwortung für Datenschutz- IT-Governance- und Compliance-Themen (z. B. ISO 27001 SOC 2 BAIT) Steuerung von Audits Penetration Tests und Sicherheitszertifizierungen Enge Zusammenarbeit mit Tech- Product- und Legal-Teams Aufbau eines internen Security-Teams (inhouse oder mit externen Partnern) Krisenmanagement bei Sicherheitsvorfällen und Profil Qualifikationen Mehrjährige Erfahrung im Bereich Informationssicherheit idealerweise in einem Fintech oder regulierten Umfeld Fundiertes Wissen über moderne IT-Infrastrukturen Cloud-Umgebungen (z. B. AWS) DevSecOps und gängige Sicherheitsstandards Erfahrung mit Regulierungsanforderungen (z. B. BaFin DSGVO ISO 27001) Strategische Denkweise kombiniert mit Hands-on-Mentalität Kommunikationsstärke auf C-Level und technischer Ebene Zertifizierungen wie CISSP CISM ISO 27001 Lead Implementer/Auditor sind ein Plus Fließende Deutschkenntnisse Wir bieten Zusätzliche Informationen Gestaltungsfreiheit & Verantwortung: Technische und budgetäre Gesamtverantwortung für eine geschäftskritische Infrastruktur Work-Life-Balance: flexible Arbeitszeitengestaltung ausgeprägte Mobile Office-Möglichkeiten Workation im europäischen Ausland Weiterbildung & Entwicklung: Teilnahme an Seminaren und Trainings Besuch von Konferenzen und Kongressen Netzwerk an fachlichen Austauschpartnern Team-Events: regelmäßiges Grillen auf der Dachterrasse Betriebsausflug Sommerfest Weihnachtsfeier Eiswagen sowie regelmäßige teaminterne Events im Rahmen eigener Teambudgets Gesundheit: freies Obst Teilnahme am B2Run Weitere Benefits: U.a. Betriebliche Altersvorsorge Vermögenswirksame Leistungen Zuschuss für den öffentlichen Nahverkehr vergünstigte Mitarbeiterparkplätze Important note Please be advised that a valid work permit for Germany is required for non-EU citizens. Unfortunately applications without a valid work permit and sufficient German language skills may not be considered. LNKD1DE

Stellenbeschreibung Als CISO übernimmst du die volle Verantwortung für unsere Informationssicherheitsstrategie. Du arbeitest direkt mit der Geschäftsführung Tech- und Compliance-Teams zusammen um ein sicheres skalierbares und regulatorisch konformes Umfeld aufzubauen. Aufbau und Weiterentwicklung unseres Information Security Management Systems (ISMS) Entwicklung und Umsetzung einer ganzheitlichen Cybersecurity-Strategie Durchführung von Risikobewertungen und Bedrohungsanalysen Verantwortung für Datenschutz- IT-Governance- und Compliance-Themen (z. B. ISO 27001 SOC 2 BAIT) Steuerung von Audits Penetration Tests und Sicherheitszertifizierungen Enge Zusammenarbeit mit Tech- Product- und Legal-Teams Aufbau eines internen Security-Teams (inhouse oder mit externen Partnern) Krisenmanagement bei Sicherheitsvorfällen und Incident Response Qualifikationen Mehrjährige Erfahrung im Bereich Informationssicherheit idealerweise in einem Fintech oder regulierten Umfeld Fundiertes Wissen über moderne IT-Infrastrukturen Cloud-Umgebungen (z. B. AWS) DevSecOps und gängige Sicherheitsstandards Erfahrung mit Regulierungsanforderungen (z. B. BaFin DSGVO ISO 27001) Strategische Denkweise kombiniert mit Hands-on-Mentalität Kommunikationsstärke auf C-Level und technischer Ebene Zertifizierungen wie CISSP CISM ISO 27001 Lead Implementer/Auditor sind ein Plus Fließende Deutschkenntnisse in Wort und Schrift Zusätzliche Informationen Gestaltungsfreiheit & Verantwortung: Technische und budgetäre Gesamtverantwortung für eine geschäftskritische Infrastruktur Work-Life-Balance: flexible Arbeitszeitengestaltung ausgeprägte Mobile Office-Möglichkeiten Workation im europäischen Ausland Weiterbildung & Entwicklung: Teilnahme an Seminaren und Trainings Besuch von Konferenzen und Kongressen Netzwerk an fachlichen Austauschpartnern Team-Events: regelmäßiges Grillen auf der Dachterrasse Betriebsausflug Sommerfest Weihnachtsfeier Eiswagen sowie regelmäßige teaminterne Events im Rahmen eigener Teambudgets Gesundheit: freies Obst Teilnahme am B2Run Weitere Benefits: U.a. Betriebliche Altersvorsorge Vermögenswirksame Leistungen Zuschuss für den öffentlichen Nahverkehr vergünstigte Mitarbeiterparkplätze uvm. dogfriendly workplace

Unternehmensbeschreibung Die Finanzen.net Gruppe ist ein innovatives FinTech-Unternehmen das private und professionelle Anleger bei ihren Investitionsentscheidungen unterstützt. Zur Gruppe Gehören finanzen.net – eines der führenden Finanzinformationsportale in der DACH-Region finanzen.net ZERO – ein Neobroker für kostengünstigen Wertpapierhandel TraderFox – ein Anbieter von Finanzinformationen und Trading-Tools für semi-professionelle Investoren und die die es werden wollen Unsere Vision Ist We strive to be the best partner for our customers on their investment journey Anfang 2025 wurde die Finanzen Gruppe von Inflexion einer führenden europäischen Private-Equity-Gesellschaft im Mid-Cap-Segment übernommen. Inflexion unterstützt ambitionierte Management-Teams dabei wachstumsstarke Unternehmen weiterzuentwickeln und nachhaltig zu skalieren. Im Zuge der Übernahme werden die bislang eigenständig geführten Geschäftseinheiten strategisch zusammengeführt. Durch diese Neuausrichtung und die starke Innovationskraft der Gruppe entstehen neue Wachstumschancen um die Marktposition als führende Investment-Plattform weiter auszubauen. Um die Wachstumsstrategie und das Wertsteigerungsprogramm erfolgreich umzusetzen suchen wir engagierte Talente die diesen Wandel aktiv mitgestalten möchten. Stellenbeschreibung Als CISO übernimmst du die volle Verantwortung für unsere Informationssicherheitsstrategie. Du arbeitest direkt mit der Geschäftsführung Tech- und Compliance-Teams zusammen um ein sicheres skalierbares und regulatorisch konformes Umfeld aufzubauen. Aufbau und Weiterentwicklung unseres Information Security Management Systems (ISMS) Entwicklung und Umsetzung einer ganzheitlichen Cybersecurity-Strategie Durchführung von Risikobewertungen und Bedrohungsanalysen Verantwortung für Datenschutz- IT-Governance- und Compliance-Themen (z. B. ISO 27001 SOC 2 BAIT) Steuerung von Audits Penetration Tests und Sicherheitszertifizierungen Enge Zusammenarbeit mit Tech- Product- und Legal-Teams Aufbau eines internen Security-Teams (inhouse oder mit externen Partnern) Krisenmanagement bei Sicherheitsvorfällen und Incident Response Qualifikationen Mehrjährige Erfahrung im Bereich Informationssicherheit idealerweise in einem Fintech oder regulierten Umfeld Fundiertes Wissen über moderne IT-Infrastrukturen Cloud-Umgebungen (z. B. AWS) DevSecOps und gängige Sicherheitsstandards Erfahrung mit Regulierungsanforderungen (z. B. BaFin DSGVO ISO 27001) Strategische Denkweise kombiniert mit Hands-on-Mentalität Kommunikationsstärke auf C-Level und technischer Ebene Zertifizierungen wie CISSP CISM ISO 27001 Lead Implementer/Auditor sind ein Plus Fließende Deutschkenntnisse in Wort und Schrift Zusätzliche Informationen Gestaltungsfreiheit & Verantwortung: Technische und budgetäre Gesamtverantwortung für eine geschäftskritische Infrastruktur Work-Life-Balance: flexible Arbeitszeitengestaltung ausgeprägte Mobile Office-Möglichkeiten Workation im europäischen Ausland Weiterbildung & Entwicklung: Teilnahme an Seminaren und Trainings Besuch von Konferenzen und Kongressen Netzwerk an fachlichen Austauschpartnern Team-Events: regelmäßiges Grillen auf der Dachterrasse Betriebsausflug Sommerfest Weihnachtsfeier Eiswagen sowie regelmäßige teaminterne Events im Rahmen eigener Teambudgets Gesundheit: freies Obst Teilnahme am B2Run Weitere Benefits: U.a. Betriebliche Altersvorsorge Vermögenswirksame Leistungen Zuschuss für den öffentlichen Nahverkehr vergünstigte Mitarbeiterparkplätze uvm. dogfriendly workplace