Information Security Manager (m/f/d)

Moss is the modern corporate credit card and spends management platform. We are a group of serial entrepreneurs and fintech experts driven by our mission to enable businesses to master their finances. After solidifying a total of €130 million in funding, we continue to pave the way for next-generation B2B spending, empowering our customers to make informed cash flow decisions. To this day we have 100’s of live customers, we're awarded Fintech of the year in 2020, and have a team in place with experience building out foundations of numerous successful Fintech companies.

As we are scaling heavily across Europe, we are now seeking a Senior Information Security Manager (m/f/d). You will join our information security office and will work very closely with our Chief Information Security Officer in implementing the security strategy at Moss by running a holistic security program to achieve cyber resilience across the company.

Your responsibilities:

• Performing information security assessments on cloud services, internal infrastructure services, applications or on Moss’ products to identify security vulnerabilities and risks
• Collaborating with and guiding risk owners to treat identified security issues in an effective and sustainable manner
• Assisting the entire organisation with security advice and awareness activities
• Setting security standards at Moss with directive policies and guiding procedures aligned with applicable internal and external (regulatory) requirements
• Supporting the data protection team for a transparent and aligned approach on GDPR matters
• Monitoring the security threat landscape to identify any trends and developments that could have an impact to Moss, our customers or 3rd parties
• Communicate and support auditors, customers and other interested parties on matters of information security (including data protection)

Your skillset:

• An infosec enthusiast with at least 3 years of hands-on experience within the field
• well experienced with building and running an effective, efficient InfoSec program and conducting security assessments in a state of the art cloud native environment moving at high pace
• not afraid to challenge technical teams and to act as a go-to person for security matters of all kinds at the entire organisation (data privacy, security architecture, risk management, IAM, BCM)
• knowledgeable in most common security standards and regulatory requirements (e.g. ISO 270xx, GDPR, PCI DSS, CSA CCM, SOC 2) as well as having a solid technical understanding about modern software engineering (DevOps, SRE, Agile, Container Orchestration)
• highly motivated team player by heart, and committed to continuous development by keeping up with trends and developments in the infosec and tech domain
• German language skills or well-known security certifications (CISM, CISSP, CCSP, Security+) are a plus

What we offer:

• A competitive compensation package 
• Early-stage equity
• Join an experienced highly motivated and fast-moving team
• The ability to shape the product success within the market of a quickly growing startup
• The hardware you need to do the job in the best way possible
• Contribute to and share the company's success