Director of Information Security (Group)
Share
Job Location:
Monthly Salary:
Posted on:
8 hours ago
Vacancies:
1 Vacancy
Job Summary
Your mission
Remote hybrid Stockholm Sweden or hybrid Hamburg Germany
We are seeking a Director of Information Security (Group) to establish build and lead Aonics group-wide information security function. This is a foundational leadership role with overall accountability for information security strategy execution and maturity across all subsidiaries.
The role is designed as an independent security function with direct access to executive leadership. You will report to the Group CEO/Group General Counsel and work in close partnership with the CTOs of Aonics operating companies the Group Data Privacy Counsel and senior engineering leadership.
As this is a newly created role you will build and operate Aonics security function from the ground up operating hands-on in an environment without an existing security team. You will combine strategic leadership with deep execution and independent second-line security oversight while personally driving critical initiatives.
Key Responsibilities
- Define security strategy policies standards risk management practices and oversight. Challenge decisions where necessary assess risk objectively and ensure consistent implementation across the group including for example:
- Build and own incident response policies and procedures.
- Establish and oversee vendor and third-party security risk management.
- Develop security policies and lead internal and external audits aligned with frameworks such as ISO 27001 and NIST as well as independent reviews.
- Provide oversight of secure cloud and application architecture in collaboration with engineering teams.
- Drive security awareness and training across the organization.
- Regularly brief executive leadership and the board (or relevant board committees) on:
- Security posture and maturity.
- Key risks and threat landscape.
- Significant incidents and response outcomes.
- Progress against strategic security objectives.
- Provide clear concise and actionable insights to support informed decision-making at the highest level.
- Escalate material security risks and incidents independently and without delay when required.
Your profile
Qualifications & Experience
- Degree in Information Security Computer Science Engineering or a related field or equivalent practical experience.
- Approx. 7 years of progressive experience in information or cyber security roles including ownership of security programs preferably from high-growth technology companies or complex group structures.
- Strong knowledge of security frameworks and standards (e.g. ISO 27001 NIST). Security certifications such as CISSP CISM or equivalent are considered an advantage.
- Hands-on experience securing cloud-based app-first data-intensive platforms.
- Strong experience leading and managing security incidents in complex technology-driven environments including coordination across engineering legal and executive stakeholders.
- Proven ability to operate autonomously prioritize effectively and deliver outcomes in environments with limited structure.
- Experience building or scaling a security function from an early or intermediate maturity stage is a bonus.
- Experience working with US and/or European regulatory and security expectations is preferred.
- Excellent communication skills across relevant stakeholders.
Mindset & Ways of Working
- Highly structured analytical and organized capable of managing multiple concurrent initiatives.
- Strongly hands-on and execution-oriented comfortable diving deep while maintaining strategic oversight.
- Pragmatic collaborative and focused on building durable scalable security foundations.
- Comfortable operating in a fast-paced evolving environment where processes and governance are still being built.
- High integrity and sound judgment when handling confidential and sensitive matters.
- Self-driven resilient and motivated to build something meaningful from scratch.
Why us
What We Offer
- A rare opportunity to build and own a group-wide information security function from the ground up.
- Direct exposure to executive leadership and meaningful influence on company-wide decisions.
- A collaborative international technology environment with real scale and complexity.
- Competitive compensation and benefits aligned with senior leadership responsibility.
Key Skills
- Business Development
- Information Technology
- Oversight
- Professional Development
- Account Management
- Client Relationships
- Project Management
- Strategic Initiatives
- Ensure Compliance
- Program Development
- KPI
- Product Development
- Direct Reports
- Strategic Development
- Special projects
About Company
Welcome! Bonjour! Selam! Olá! Hej! 🥳 we are exmox - a Hamburg based mobile marketing agency, connecting advertisers with their highest value users through our owned and operated apps. We created an innovative business model that focuses on rewarding users for testing and engaging with ... View more
