Chief Information Security Officer (m/f/d)
The Westwing mission is to inspire and make every home a beautiful home. We are on a quest to bring the wonders of eCommerce for home & living to our more than 1 million active customers in 11 countries. In only 9 years on the market, we have grown to more than 267 million Euros in annual revenue. More importantly, the opportunity ahead of us is massive.
The Westwing team is the secret to our success. Our more than 1,500 team members balance creativity and style with innovative technology and strong business fundamentals. We are proud to be working with inspiring colleagues who are smart, fun, ambitious, and looking for the challenge to transform an industry and take it into the future.
Do you think this could be you? To pursue our ambitious growth strategy, we are looking for a Chief Information Security Officer (m/f/d). In this position, you will be responsible for leading the security team and taking care of all the security, IT governance, risk and compliance topics for the Westwing Group.
Your responsibilities will be:
- Assess current security and GRC stance of the company, identify weaknesses, define areas of improvements, create a roadmap
- Participate in the operational day-to-day work of the security team (2 people), manage projects, vendors and pentesters
- Conduct awareness trainings, provide guidance to software engineers (160 people), advise the CTO and the Executive team for infosec strategic direction
- Evaluate and implement modern security risk management strategies, and security opertations best practices
You come with:
- Previous working experince as a CISO managing both hands-on operational aspects (tooling, monitoring, integration) as well as compliance aspects (creating policies, evaluating risks, etc)
- Hands-on experience with implementing security measures based on general security frameworks and standards like e.g. ISO27001, COBIT, PCI DSS
- Knowledge about regulations on personal data protection in EU-member states (e.g., BDSG in Germany) and awareness of the requirements established by the GDPR
- A general understanding of Computer Networks, Firewalls, Cloud computing (AWS), security topics and the ability to ensure compliance and rapidly identify upcoming challenges
- Ability to create a well-structured security roadmap and execute it
- Experience with the followings is a plus: Cisco Meraki, Umbrella, Jamf, Windows AD, OneLogin, OneTrust, Kali Linux
- You have CISSP or CISM certifications or you are working on obtaining them
- Fluency in English
- A truly shaping tech position with high degrees of responsibility and autonomy
- Plenty of room for personal growth, professional development and high impact
- A highly talented, dynamic, and international team
- Entrepreneurial experience in a well-financed, leading eCommerce company
- Work equipment of your choice
Location: Munich, Remote possible
Contact Person: Markus Winkler
Interested? Looking forward to your full application under specification of your possible starting date and salary expectation.