Information Security Officer (wmd)

As Information Security Officer (f/m/d) you will ensure that aedifion operates an effective and scalable information security management system (ISMS) that goes far beyond mere compliance. You will embed security as a natural part of our corporate culture and lead us to substantial active security.

To fulfil this mission you will master a variety of challenges: You will transform our security culture and seamlessly integrate genuine protection into business doing so you will consolidate distributed responsibilities and establish centralised control for consistent standards. With creative concepts you will strengthen our employees security awareness and design secure remote working scenarios. At the same time you will build a future-proof architecture that scales with our growth through intelligent automation.

• ISMS operation & further development: Take sole responsibility for the operation of our ISO 27001-certified ISMS and drive its continuous further development through targeted process optimisation.
• Tool integration & automation:Select suitable ISMS tools based on practical experience implement them independently and increase the level of automation by integrating them into existing IT infrastructures.
• Security controls implementation:Independently implement technical and organisational security measures in close cooperation with IT HR engineering and finance and integrate them seamlessly into business processes.
• Audit & review management: Conduct internal external and customer audits as well as management reviews independently ensure successful recertifications and professionally guide customers through audit processes.
• Awareness & training:Design and implement effective awareness and training programmes that embed security awareness in the corporate culture in the long term and bring about measurable behavioural changes.
• Effectiveness monitoring & reporting:Monitor the effectiveness of the ISMS through systematic analyses and meaningful key performance indicators and create compelling reports for management employees and customers.
• ISMS scaling:Flexibly adapt the ISMS to company growth and new regulatory requirements and ensure sustainable scalability through intelligent architecture.

• Practical implementation experience: Extensive experience in independently setting up operating and further developing ISMS in corporate environments with proven success in several complete implementation or optimisation cycles.
• Specific tool expertise:In-depth practical experience with common ISMS tools from real-world corporate deployments including independent selection implementation and integration into existing IT landscapes.
• ISO 27001 expertise: In-depth knowledge of ISO 27001 requirements with proven experience in successfully conducting initial and recertification audits as well as customer audits.
• Certifications: ISO 27001 Lead Implementer or Lead Auditor ideally supplemented by CISSP CISM or comparable certifications that underpin your practical expertise.
• Technical understanding: Solid IT knowledge and system administration skills to independently evaluate implement and integrate technical security measures in cloud and on-premise environments.
• Strong communication skills: Strong ability to communicate complex security issues clearly and in a manner appropriate to the audience from management and specialist departments to external auditors and customers.
• Working style: Structured independent working style with strong organisational skills project management experience and a keen enthusiasm for continuous improvement and automation.
• Languages:Business fluent written and spoken German and English for professional audits precise documentation and international collaboration.

• Make a difference: Your work helps to reduce CO₂ emissions and make buildings more sustainable and energy-efficient.
• Mobile work:Organise your working day according to your needs with flexible working hours short core working hours and the freedom to work from our modern office in Cologne remotely from anywhere in Germany or up to 10 days a year from other European countries.
• Long-term prospects:After your probationary period we offer you a permanent -good offer: With 30 days of annual leave you can relax and unwind while fresh organic fruit regional coffee free drinks and our monthly team breakfast provide you with your daily energy boost.
• Further training: We support you with tailor-made training opportunities to advance your stack: You will receive modern work equipment of your choice whether Microsoft or Apple as well as high-quality noise-cancelling headphones for focused work.
• Mobility package:Always mobile: you can choose between the Germany Ticket or a Jobrad bike for your commute or private use.
• Pension provision: Subsidies for capital-forming benefits (VWL) or company pension schemes (bAV).
• #teamaedifion:Regular team events working on an equal footing actively sharing experiences and flat hierarchies promote strong teamwork and open communication within our team.
• Dog-friendly office:Bring your dog along we look forward to some animal support.

Our goal is simple: we make buildings part of the solution for a planet worth living on. To achieve this we are looking for people who are passionate about innovation and technology who are up for any challenge and who share the same goal. Whether you are an experienced developer a natural sales talent or a newly qualified engineer you will be an important part of our mission from day one. Join #teamaedifion and help make the energy transition in buildings possible.