At movingimage, video is what drives us. We are a global leader in delivering secure enterprise video solutions. Simply put, we want to revolutionize the way in which companies use video. Our cloud-based solution is a centralized platform that enables companies to efficiently manage and stream all their video assets for customers, partners, and employees in the best possible quality on any device.
We are seeking a highly skilled Senior PHP Developer who is eager to expand their expertise to full stack development or transition into a Java Developer role within one year.
We move videos.
Together with you, we will move even more.
As an Information Security Officer, you’ll take on the following responsibilities:
- Develop, implement, and monitor a robust integrated management system aligned with ISO 27001, ISO 9001, ISO 20000-1, and TISAX requirements.
- Facilitate regular internal and external audits to ensure compliance with industry standards and assist in maintaining our certifications.
- Lead and support audit processes, managing responses to findings and implementing corrective actions to continuously improve our security posture.
- Create and maintain detailed security documentation, including policies, procedures, risk assessments, and incident response plans.
- Conduct thorough risk assessments across the organization to identify potential vulnerabilities and recommend mitigation strategies.
- Collaborate with DevSecOps and Engineering teams to embed security protocols and practices within the product development lifecycle.
- Stay informed of emerging cybersecurity threats and vulnerabilities, developing proactive measures and responses to mitigate risks.
- Cultivate a strong cybersecurity culture by developing and delivering security awareness programs, training sessions, and educational resources for all employees.
- Promote a security-first mindset, ensuring that security considerations are embedded in all areas of the business and throughout each project’s lifecycle.
- Facilitate cross-departmental collaboration to enhance understanding and adherence to security practices.
- Conduct risk assessments for new and existing vendors to ensure compliance with the organization’s security policies and standards.
- Review vendor security posture to align with our security requirements, certifications, and regulatory compliance needs.
- Maintain an active register of third-party vendors and perform regular security reviews to monitor ongoing compliance and risk.
- Collaborate with DevOps and infrastructure teams to embed security controls in cloud configurations, data handling, and system architecture.
- Develop and lead incident response initiatives, coordinating the identification, investigation, and resolution of security incidents.
- Facilitate post-incident reviews, root-cause analysis, and corrective actions to prevent recurrence of security incidents.
- Maintain and regularly update the incident response plan, ensuring readiness and alignment with the latest threats and vulnerabilities.
To thrive in the role as a Information Security Officer, you’ll need:
- Bachelor’s degree in Information Security, Cybersecurity, Information Technology, or related field. Advanced degrees preferred.
- Relevant certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor, AZ-500 or other equivalent credentials.
- Minimum of 5 years of experience in information security or a related role, preferably within a SaaS or technology environment.
- Demonstrated experience in internal and external audits, including maintaining compliance with ISO/IEC 27001, ISO 9001, ISO/IEC 20000-1, and TISAX.
- Hands-on experience with risk management, vendor management, and incident response practices.
- A good understanding of cloud security, with significant experience in Microsoft Azure.
- Knowledge of DevSecOps principles and secure SDLC practices.
- Familiarity with different frameworks such as GDPR, DORA, BSI IT Grundschutz, BSI C5, ISO/IEC 27005.
- Strong analytical and problem-solving skills, with the ability to make risk-based decisions.
- Excellent communication and interpersonal skills to cultivate cybersecurity awareness and foster cross-functional collaboration.
- Strong organizational skills, capable of managing multiple priorities and meeting deadlines effectively.
- Proven track record in developing and implementing information security policies, standards, and procedures.
- Ability to thrive in a fast-paced environment and adapt to evolving security challenges.
- Familiarity with security information and event management (SIEM) tools and incident response platforms.
- Good working knowledge of Confluence and JIRA.
Why You Will Love Working With Us
Culture: We work agile, focusing on cross-team collaboration based on trust and transparency. You are free to introduce your own ideas and make an impact in our diverse and international teams.
Learning & Growth: We support continuous learning through regular 1:1s, feedback conversations, German and English classes and the chance to take part in conferences and trainings.
Balance your Life: We offer flexible working hours adjusted to your schedule. On the top of that, we offer a package of 30 paid vacation days.
Remote-friendly: We have well structured and flexible processes so that we can work from home effectively and enjoy doing it! Hybrid work is the new way of work for us: we combine remote work with some office time to make sure you feel connected & enjoy your freedom at the same time.
Compensation & Benefits: Excellent people deserve great working conditions. We conduct benchmark analyses and run salary cycles regularly to ensure that we pay salaries above the market average. We also offer you a company pension (bAV), which we support with 20%, and subsidize your public transport ticket and Urban Sports Club membership.
Relocation Support: If you are not located in Germany yet, we are happy to support your move with a relocation package to make it as smooth as possible. Besides the package, we also offer administrative support to help with your VISA process etc.
