Join the b2venture community at one of our portfolio companies. See all open positions below.

Interested in working directly for b2venture? Learn more.

Head of Information Security

Beekeeper

Beekeeper

IT
Berlin, Germany
Posted on Nov 26, 2024

At Beekeeper we take our customers’ trust in us extremely seriously. That is why security and privacy have always been top priorities and we pride ourselves in offering best-in-class security solutions, as well as staying abreast of key security certifications and standards. As we continue our growth journey, we are seeking an experienced Head of Information Security to oversee and elevate our security efforts across the organization.

Reporting to Beekeeper’s General Counsel and managing one Information Security Officer, you and your team will be responsible for implementing, managing and developing an effective governance framework to ensure that our security program adequately addresses the needs and expectations of customers, regulators, auditors and senior management, whilst balancing the broader strategic requirements of the business. You will work closely with senior executives, risk & compliance, security professionals and others to support effective information security risk management and establish measurable controls and policies that support and comply with relevant regulations and standards.

Your Responsibilities

  • Strategy & Vision: You will develop a strategic vision for the company security program, demonstrating how it will support Beekeeper in achieving its overall strategic objectives. You will create an annual security plan to track progress and address priorities effectively, always keeping in mind emerging trends and current threat landscape.
  • Information security management controls: You will manage, maintain and document the security controls and processes, and implement appropriate Key Performance Indicators (KPIs) to measure and report their effectiveness. Areas of focus will include secure software development, identity and access management, vulnerability management, logging and monitoring, and incident response.
  • Representing InfoSec Externally: You will effectively present and articulate our security practices, certifications, and compliance measures during sales processes, customer meetings, and external engagements to build trust and confidence.
  • Governance & Risk Management: You will establish and implement a comprehensive Enterprise Risk Management framework and further develop our risk inventory. In addition, you design and implement a framework that ensures appropriate decision rights, balancing the sometimes diverging expectations of the stakeholders, including prospects, customers, regulators, auditors and senior management.
  • Industry Standards & Readiness: You are responsible for preparing and maintaining relevant certifications and organizational readiness, as well as managing external relationships with the relevant regulator and accreditation organizations. You will help build organizational resilience through robust business continuity/disaster recovery planning and management. You will keep up to date with current and impending industry security standards and certifications.
  • Incident & Process Management: You will establish and refine security and privacy incident detection, response, and reporting processes to minimize impact and resolution time. You will lead and project manage various security, privacy, and other GRC initiatives alongside colleagues from multiple departments.
  • Develop a Strong Security Culture: You will cultivate an environment where decision-makers and stakeholders understand and care about information security and consider security implications in their decision-making, and where every individual understands their role and responsibilities in relation to security
  • Vendor and Stakeholder Security: You will strengthen and standardize security assessments and privacy requirements for our vendors and third-party providers.

What we look for in you

  • University Education degree in a relevant field
  • 5+ years of information security experience with demonstrated knowledge of information security management and governance, risk assessment and management, and audit.
  • Experience managing a team
  • Excellent verbal and written communication skills in English. German preferred. Any other language is a plus.
  • Ability to present complex technical issues in a succinct and easily understandable way to a variety of internal and external audiences, including senior management
  • Strong people management skills, especially in a matrix environment managing cross-functional teams and programs
  • Outstanding organizational and planning skills, ability to cope with high volumes of work and tight deadlines
  • Ability to switch between strategic thinking to practical implementation, not afraid to roll up sleeves and get stuck in, whilst also keeping the strategic perspective at all times
  • Practical experience with common information security management frameworks, in particular ISO 27001.
  • Industry-recognised information security certifications (e.g. Certified Information Security Professional/CISSP, Certified Information Security Manager/CISM, Certified Information Security Auditor/CISA)
  • In-depth knowledge of current and emerging data protection regulations in our core markets (GDPR, CCPA, HIIPA, Swiss Federal Act on Data Protection etc.)
  • Flexibility to travel

Bonus Points

  • Working experience in a technology or SaaS company

What we offer

  • Competitive salary
  • Phone & Home Internet costs reimbursement up to 80 EUR/month
  • Home office set-up reimbursement up to 300 EUR
  • Personal Learning & Development Budget of 1500 USD/year
  • Sabbatical Program – 1 month paid leave at 3, 5, 10 year tenure
  • 30 days of annual leave/year
  • 2 Mental Health days off per year
  • Oh and don’t forget about our Beekeeper Stock options!

Who we are

Beekeeper believes in the potential of every single employee. That’s why we’ve built the essential platform for frontline workers. We help organisations digitally enable their frontline, to boost productivity, quality and safety, and be more agile.

At Beekeeper, we celebrate diversity! All qualified applications will receive consideration for employment regardless of race, colour, ancestry, religion, nationality, sexual orientation, age, citizenship, marital status, disability or gender identity. We are committed to ensuring a smooth application process for all candidates. If you require accommodations due to a disability, please reach out to jobs@beekeeper.io, and our team will be more than happy to assist you.

Please know that you are not required to share your nationality, age or a picture of you on the CV! We are looking forward to your application! 🙂