IT Security / Compliance Manager (f/m) at eSailors Ltd. (Hamburg, Deutschland)

Desired Skills and Experience

• Support the teams to integrate security and compliance tools, standards and processes into the software development life cycle
• Support the teams to implement, test and operate advanced security and compliance best practices (e.g. OWASP, SSE-CMM)
• Perform on-going security and compliance analysis in cooperation with the production teams
• Maintain security and compliance documentation
• Prepare, Execute and Follow-Up External Audits
• Transfer Security & Compliance Documentation into product requirements
• Define and Improve metrics reporting the state of security and compliance to the management
• Develop a familiarity with new tools and best practices
• Keep an overview on web and mobile application, technical infrastructure and organizational structure and processes
• Support and Drive Automation of security and compliance issues detection
• Manage Relationship with external security and compliance Auditors
• Experience in J2EE development / web and mobile architectures / Virtualization/ Microservices/ Cloud
• Experience in network / firewall design / intrusion detection / penetration testing / denial of service defence
• Experience in Information / IT security and compliance management/processes based on ISO/IEC 27001 or equal standards,PCI DSS, Data Protection Regulation
• Proven track record in managing IT and Information Security
• Solid understanding of cyber security threats, risks, vulnerabilities and attacks giving insight into threat actor motives, capabilities, and techniques
• Understanding of Penetration Testing, Vulnerability Management, Threat Vector Analysis, Intrusion Detection and Prevention, Incident Management and Response, Web Application Security, Risk Assessment and Mitigation Methodologies, and Counter Threat Operations
• Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation
• Good understanding of cutting edge industry best practice regarding technology and security/compliance
• Educated at least to degree level
• Agile Mindset: Embrace Change, Proactive Attitude, Deliver Customer Value, Be Well-Ordered in Complex Situations, Effective Communication
• Languages: English essential; German desirable
• Strong integration in a team of highly skilled people
• Working in an environment with cutting edge technology (e.g. Microservices, Cloud-Architecture)
• International Environment with high degree of Variety
• Impressive Feedback and Learning Culture living Agile Values
• High degree of responsibility and freedom