Information Security Officer

Job description

Staffbase is an enterprise SaaS platform that helps HR and Communication leaders to transform their organisations into places where people feel connected and proud to come to work. Staffbase is the first employee experience platform to let employers and employees connect authentically, right through their mobile phones. We’re headquartered in Chemnitz, Germany, with offices in Dresden, Cologne, Amsterdam, New York, and London! Our international team just crossed 150 happy employees from 16 nationalities and we have a rapidly growing base of customers that want to transform their employee experience. We are 4 years old, we have strong-growing revenue, and our customers love us.


Information security is one of Staffbase most relevant topics since the beginning in 2014. Scaling information security for enterprise-readiness has been approved by implementing an information security management system following ISO/IEC 27001.


You will be part of the information security management team to help improve information security as well as creating an up-to-date documentation to describe how information security is handled at Staffbase. While the information security management team has been created in 2018, your tasks will require a high amount of independence work.


Your tasks include:

  • Create customer facing documentation about information security standards at Staffbase

  • Support our Sales and Customer teams to explain how information security is established at Staffbase

  • Investigate information security incidents and develop treatment plans based on identified root causes

  • Support the Information Security Management team to continuously improve the Information Security Management System (ISMS)

  • Perform vendor security checks for ensuring information security at Staffbase suppliers

  • Conduct internal audits to check compliance for information security

Requirements

  • Experienced in working with an ISMS following ISO/IEC 27001
  • High interest in information security topics like technical developments or new legal requirements

  • Very good communication skills both German & English to discuss relevant information security topics internal and external

  • Analytical, creative, problem solving and entrepreneurial personality

Nice to haves:

  • technical background (Studies in computer science, business informatics, or similar)

  • relevant certification, such as ISO/IEC 27001 Foundation OR Information Security Office