Head of Information Security

**About Jimdo**:
Join us to help unleash the power of the self-employed and help them thrive

Jimdo was founded by three school friends in 2007 in a farmhouse in Northern Germany. Fast forward to today, we’re a growing, profitable business with a team of 250+ people from 50 nationalities based in over 15 countries. Our portfolio serves the unique needs of microbusinesses. In addition to our GDPR-compliant website builder powered by AI, we offer an online store, logo creator, legal text generator, business listings, social media integration, SEO, and more. We recently launched Business Builder. This is a new all-in-one solution - the first of its kind in Germany - that enables people at the start of their self-employment journey to get from idea to success faster and easier. And there’s a lot more coming We’re constantly developing new products and services that make the lives of micro-business owners easier and help fuel their businesses. If you’re inspired by our mission and like the idea of working for a dynamic remote-first company where you can create impact from day 1, we’d love to meet you

**Role Overview**:
As the Head of Information Security at Jimdo, you will play a crucial role in safeguarding our products, assets and infrastructure. Leading a small team, you will be responsible for developing and implementing a robust information security strategy, ensuring compliance with regulations, and managing incident responses. If you are a seasoned security professional with a strong technical background and leadership skills, we invite you to join our innovative team in shaping the future of Jimdo.

**What you’ll be doing**:

- Lead and manage the information security team, fostering collaboration and continuous improvement. Develop department KPIs and goals.
- Develop, maintain, and review an information security architecture that aligns with Jimdo’s overall strategies and goals, while also protecting its digital assets.
- Conduct risk assessments and develop risk management strategies.
- Create, update, and maintain security policies, procedures, and guidelines in compliance with EU regulations and standards, including GDPR, and NIS-2 Directive. Work closely on this with the Legal & Data Protection team.
- Detect and respond to company-wide security incidents, coordinating cross-functional teams to mitigate and eradicate threats.
- Educate the company on security issues, and foster a culture of security awareness and individual responsibility.
- Ensure the technology organization runs a SSDLC.
- Conduct Vendor Security Risk Assessments to ensure that their systems or services comply with our security standards.
- Liaise with Executives, senior leadership and other stakeholders, reporting regularly on established metrics within the security program, the risk landscape and the effectiveness of security policies.
- Plan and allocate budget resources for the information security program.

**What you bring to the table**:

- Degree in a relevant field.
- Relevant professional certifications such as CISSP, CRISC, CISM, ITIL, CISA, or similar.
- Minimum 8 years of relevant experience, with at least 3 years in a leadership role.
- Strong technical depth, with recent hands-on experience designing information security architecture in a high growth scale-up technology company.
- Strong crisis management skills.
- Excellent communication skills and stakeholder engagement.
- Familiarity with Security Frameworks such as e.g. NIST, OWASP, ISO 270001, ISO27002, and CIS Critical Security Controls.
- Proven expertise in cloud systems (preferably AWS), container-based systems like Kubernetes.
- Familiarity with tech stack (Google, Confluence, Slack, Github, etc.).
- Proven ability to successfully recruit, manage, motivate and develop high performing teams
- Effective negotiation skills.

**What we offer**:** Inspiring Mission**: At our core, we are driven by a meaningful mission - to empower solopreneurs and small businesses to succeed and to contribute to the sustainability and vibrancy of the communities they serve.

**Flexibility and Trust**: Our work environment thrives on flexibility and trust. We offer fully remote work set-up with opportunities for in-person collaboration. You can manage your working hours flexibly because we prioritize the results you deliver over the number of hours you put in.

**Support for your side hustles**: We encourage side hustles. In addition, you get up to three free Jimdo websites for your personal or professional projects that you get to keep forever.

**An International Diverse Team**: Our team is a mosaic of over 248 individuals hailing from 50+ different countries and working across 15+ diverse locations. We take pride in our openness and inclusivity, with an Employee-led DEI Council and active ERGs that ensure everyone's voices are heard.

**Continuous Growth and Career Development**: We invest in your growth with company-wide access to LinkedIn Learning and Mon