Compliance & Information Security Manager

We’re hiring a hands-on Compliance & Information Security Manager to own and scale our security program. You will replace external advisory support and act as the internal lead for compliance and security governance, working closely with Engineering, Product, Legal, and Sales. Tasks Own the ISMS and security governance Maintain and evolve our Information Security Management System (ISMS), including policies, standards, control documentation, and the company-wide risk register. Lead certification lifecycle Run readiness assessments, manage evidence collection, coordinate auditors, track remediation, and ensure continuous audit readiness and not just point-in-time compliance. Manage vendor security and third-party risk Conduct security assessments for new and existing vendors, define security requirements in contracts, and ensure critical partners meet our standards. Support enterprise sales through security assurance Own customer security questionnaires, RFP responses, and due diligence processes; maintain a structured library of reusable answers and documentation. Oversee control monitoring and remediation tracking Ensure controls are operating effectively, coordinate internal testing, and partner with engineering to close gaps in a timely manner. Support security incident and business continuity governance Ensure proper documentation, post-incident follow-up, and alignment with compliance requirements for incident management and disaster recovery processes. Compliance Management System Build and maintain a company-wide Compliance Management-System Requirements 4+ years in Information Security, GRC, or compliance roles Hands-on experience owning or significantly contributing to SOC 2 and/or ISO 27001 Practical experience managing audits and working with external auditors Experience handling customer security questionnaires in a B2B environment Familiarity with compliance tools such as Drata, Vanta, or similar Ability to work cross-functionally with technical and non-technical teams Structured, pragmatic, and execution-oriented mindset Benefits Work with a globally distributed, high-talent engineering team Competitive compensation Remote-first culture final Benefits depensing on loction Find Jobs in Germany on Arbeitnow

We’re hiring a hands-on Compliance & Information Security Manager to own and scale our security program. You will replace external advisory support and act as the internal lead for compliance and security governance, working closely with Engineering, Product, Legal, and Sales. Tasks Own the ISMS and security governance Maintain and evolve our Information Security Management System (ISMS), including policies, standards, control documentation, and the company-wide risk register. Lead certification lifecycle Run readiness assessments, manage evidence collection, coordinate auditors, track remediation, and ensure continuous audit readiness and not just point-in-time compliance. Manage vendor security and third-party risk Conduct security assessments for new and existing vendors, define security requirements in contracts, and ensure critical partners meet our standards. Support enterprise sales through security assurance Own customer security questionnaires, RFP responses, and due diligence processes; maintain a structured library of reusable answers and documentation. Oversee control monitoring and remediation tracking Ensure controls are operating effectively, coordinate internal testing, and partner with engineering to close gaps in a timely manner. Support security incident and business continuity governance Ensure proper documentation, post-incident follow-up, and alignment with compliance requirements for incident management and disaster recovery processes. Compliance Management System Build and maintain a company-wide Compliance Management-System Requirements 4+ years in Information Security, GRC, or compliance roles Hands-on experience owning or significantly contributing to SOC 2 and/or ISO 27001 Practical experience managing audits and working with external auditors Experience handling customer security questionnaires in a B2B environment Familiarity with compliance tools such as Drata, Vanta, or similar Ability to work cross-functionally with technical and non-technical teams Structured, pragmatic, and execution-oriented mindset Benefits Work with a globally distributed, high-talent engineering team Competitive compensation Remote-first culture final Benefits depensing on loction Find Jobs in Germany on Arbeitnow