Information Security Manager (f/m/d)

Trusted Shops AG • Cologne

  • Full-time

Cologne

from today / asap

Your duties

Revolutionize the digital landscape with Trusted Shops! Join us in crafting cutting-edge SaaS solutions that empower over 30 million users and 30,000 companies throughout Europe. Our innovative product suite, featuring renowned offerings like Trustbadge, buyer protection, and the dynamic eTrusted feedback platform, stands as a testament to our two-decade commitment to fostering trust in the digital realm.


What your role's responsibilities will include:

  • Spearhead the ongoing enhancement of our global Information Security Management System (ISMS), overseeing critical functions such as risk assessment, management, policy refinement, and compliance monitoring.
  • Actively engage with internal teams, participating in both internal and external audits, customer and vendor assessments. Ensure the implementation of corrective measures and offer advisory support on projects where information security plays a pivotal role.
  • Collaborate closely with your Infosec counterpart to co-lead and cultivate the Infosec domain, sharing responsibilities and exhibiting proactive leadership. Foster continuous growth and improvement within the realm of information security.
  • Contribute actively to privacy matters in collaboration with the legal and data protection team, aligning security practices with their requirements.
  • Develop and implement information security training courses to enhance awareness and knowledge among Trusted Shops employees.
  • Assume a crucial role in security incident management and response efforts. Ensure swift resolution and provide concise reporting to C-level executives and other stakeholders, facilitating informed decision-making and bolstering overall organizational security.


What your day as a Information Security Manager (f/m/d) might look like:

  • Begin your day by setting up your workspace, whether it's at home or in the office, ensuring it's just right for a productive day ahead.
  • Open your personalized task manager to plan and organize your tasks for the day, ensuring a structured and efficient workflow.
  • Benefit from dedicated support and guidance during the initial six months, with daily onboarding sessions and sync meetings with your teammate.
  • Stay ahead in the cybersecurity landscape by delving into your favorite security newsletters and updates while enjoying your morning coffee or tea.
  • Engage in daily or weekly syncs with your Information Security peer to discuss tasks and projects, ensuring alignment in your collaborative efforts.
  • Respond effectively to potential security incidents by following established policies and actively contributing to investigation and response efforts.
  • It's lunchtime! Enjoy a meal at home with your significant other or join team members and colleagues in exploring nearby restaurants.
  • If you're in the office, seize the opportunity to indulge in treats like Waffle Day or Health Day. Grab a freshly baked Waffle or a freshly crushed Smoothie, reenergizing you for the tasks at hand.
  • Return from your break refreshed and focus on planned projects for the week, ensuring progress and meeting objectives.
  • Collaborate across departments, providing expert advice, assessing providers, and actively participating in security-related discussions.
  • If you're in the Office today? Extend your day with a refreshing moment on the Rooftop Terrace, savoring a complimentary Drink before bidding the Office adieu – because we value work-life balance.
  • Alternatively, this could be your monthly self-education day, free from meetings and devoted to your chosen learning and self-improvement agenda.

Your profile

  • You bring several years of professional experience in roles related to information security, IT governance, IT compliance, or risk management.
  • Demonstrate familiarity with SaaS models, cloud technology, and concepts related to cloud-based security.
  • Showcase your experience with relevant certifications (e.g., TISAX, SOC2, ...) and a solid understanding of common information security standards and frameworks (ISO27001, BSI Grundschutz, NIST, ...).
  • Exhibit strong analytical skills, coupled with a high degree of self-organization and a mindset that embraces entrepreneurial thinking and action.
  • Display a high level of proficiency in both written and spoken English, complemented ideally by strong communication skills in German.
  • Emphasize your ability to navigate the dynamic landscape of information security, showcasing adaptability and a proactive approach to challenges.


What we offer you

  • The freedom to do a really good job
  • New Work: work up to 100% mobile (or on-site/hybrid) within Germany and take advantage of our flexible model.
  • One "Self-Education Day" per month
  • 30.5 days vacation
  • Individual training opportunities
  • Health Pass (free online and offline sports, fitness and health courses)
  • Team events (summer party, Christmas party, unit events)
  • An international and diverse environment - colleagues from over 40 nations who work for 13 markets in 5 offices across Europe
  • An unique company spirit - an open error culture, enthusiasm for good results, and giving every individual room for growth


BUILD A COMMUNITY OF TRUST WITH US - #cometotrust

Not sure if you are what we are looking for? Apply! ​

At Trusted Shops, we are interested in you as a person - whether you fit in with us is independent of gender, nationality, ethnic and social origin, religion/belief, disability, age, sexual orientation and identity. Trusted Shops is clearly committed to diversity and against discrimination.

Contacts
Alessandro Canu

Alessandro Canu

Inhouse Tech Recruiter
 
Videos
What opportunities does "new work" offer our colleagues? Patrick tells us his story
What opportunities does "new work" offer our colleagues? Patrick tells us his story

Your benefits in tech

New work

Work from wherever you feel most comfortable. Whether in one of our 5 offices or temporary from another location in Europe.

Health Pass

Stay fit – physically and psychologically. Our company health management offers you a wide range of courses, presentations and workshops.

International flair

With a team from more than 40 different nations, it never gets boring. We celebrate our diversity and the countless new perspectives it gives us.

Individual development opportunities

Unleash your talent and improve your individual skills that support you in your work.

Buddy programme

Your buddy will help you settle in when you first start out with us. Later, you can also share your experience with new colleagues.

Team events

Whether in summer, winter or whenever it suits your team – we enjoy spending time together.

Guilds

In cross-team guilds, we work on current topics in a self-organised and practical manner, e.g. in the Architecture guild or the DevOps guild

Hackathons

We like to think outside the box, developing useful and creative solutions to problems during small events – whether related to work or not

Peer- /mob-programming

Many people work together to develop the best code. This allows us to progress even more effectively in projects and to learn from each other.

Knowledge marketplace

Everyone can offer knowledge or search for it on a kind of bulletin board. This creates spontaneous training sessions with each other

Agile Coach

Agile coaches are available to you and your teams so that you can be successful together.

Our values

Transparency

Open and clear communication gets us to our goals quickly. Address your topics openly – we will find a solution for everything together.

Respect

Every single one of our colleagues is a valuable part of our community. Respectful interaction and openness are prerequisites for our work.

Trust

We know you’re doing a great job – otherwise you wouldn't be here. We trust you, your skills, ideas and intentions.

Our application process

1/4
2/4
3/4
4/4

Are you passionate about the code behind our products?

Programming Lanugages
Programming Lanugages

Java: Java is used by some of our Tech teams and supports us with components that have complex logic, usually in combination with Spring Boot 

TypeScript: We use TypeScript combined with the Angular and React frameworks in the frontend and also on the server side with NodeJS 

Kotlin: We sometimes use Kotlin as an alternative to Java for server-side solutions and for our mobile development 

Python: We often use Python when processing or transforming data. We also occasionally write services in it with the help of AWS Lambda 

Frameworks
Frameworks

Angular: Particularly in our B2B area, we rely on Angular for our frontend in order to be able to develop interactive solutions efficiently 

React: React is used when the performance of our solutions is important. Our B2C environment, in particular, benefits from React (shop profiles, trust badges, widgets, etc.) 

Spring Boot: When it comes to complex business logic in Java and Kotlin, we use Spring Boot. It is deployed in Kubernetes clusters 

NodeJS: Our focus is on serverless, and we often use typescript in the backend. We mostly use NodeJS in combination with AWS Lambda 

Service & Tools
Service & Tools

Circle CI:  CircleCI is our CI/CD tool for automated builds, testing & deployment 

GitHub:  GitHub supports our internal open source policy and enables cross-team cooperation and feedback 

Ansible: We use Ansible to provide our virtual servers in a repeatable and automated way 

Terraform: Our AWS infrastructure is fully managed with Terraform. This allows us to keep a simple history of all changes and minimise the manual effort. 

Databases & Hosting
Databases & Hosting

DynamoDB: DynamoDB is often used to access large amounts of data in real time. We regularly use it with AWS Lambda to provide a scalable solution. 

PostgreSQL/MySQL: If flexibility of data access is paramount, then we also use relational databases 

AWS:  For us, it's "cloud first" so that we are able to scale the infrastructure of our products. Here we rely on services such as AWS Lambda, S3 and DynamoDB 

Employee reviews

Dariia Spychak
Dariia Spychak
Backend Developer

Right now we are working on a new major project for user management and permissions, which is interesting but also complex and has many aspects that will allow it to be integrated into other components. I really like the fact that, as developers within the team, we can decide which technology and programming language we want to use and how we structure the processes. This can sometimes be a challenge, but it helps us gain a lot of new experience. I can work on anything I want to learn about on self-learning days. And of course we have a very friendly and open working atmosphere. Team building events and mob/pair programming sessions also contribute to this. 

Jan Beilfuß
Jan Beilfuß
Frontend Developer

I am currently working in the Review Insights team. In this product team, we work on frontends that help our customers, i.e. online retailers, to draw valuable information from the collected reviews. I have another colleague in the team from the front-end team with whom I work closely. This starts with the planning and discussion of solutions and ends with the joint revision of the written code. Overall, the working atmosphere at Trusted Shops is very pleasant and relaxed. Thanks to a specially developed platform solution, each product team can build its own micro frontends and is thus independent of the other product teams. This means that you are not restricted in your choice of framework, for example - however, we mainly use the common JavaScript frameworks. Personal development is also encouraged. This year, for example, I was able to take part in a one-week summer school on the topic of deep learning, and we basically have one day a month at our disposal to continue our education as we see fit.

Have we awakened your interest?

Apply now