CrawlJobs Logo

Principal Information Security Manager

Germany, Chemnitz · Job Posted May 28, 2026
Apply Position
Job Link Share

Job Description

The next chapter is about making it investor-ready, AI-efficient, and capable of sustaining enterprise customer trust at scale. This is not a build-from-scratch role. It is a step up in maturity: fewer manual processes and sharper governance. The position sits at the center of the InfoSec team; you coordinate across teams, own outcomes and represent the function. You are comfortable being the person customers and auditors talk to. You think in programs and systems, not tasks. You identify where manual effort can be replaced by tooling or AI-assisted workflows, and are empowered to drive that change as we build out our AI-driven operating model across the company.

Job Responsibility

  • Lead ISO 27001 and SOC 2 audit cycles end-to-end in preparation, evidence collection, auditor management, and findings remediation
  • Own the control framework and ensure it stays current as the business evolves
  • Prepare the InfoSec program for investor and M&A due diligence scrutiny
  • Own the response to enterprise customer security questionnaires and RFPs
  • Represent Staffbase credibly in customer security reviews, calls, and audits
  • Build scalable approaches (automation, templates, knowledge base) to reduce response time without sacrificing quality
  • Maintain the risk register and drive risk treatment decisions with relevant stakeholders
  • Own vendor security assessments for critical and high-risk suppliers
  • Partner with Procurement and Legal on AI-assisted review workflows
  • Own the internal security policy framework, keep it current, understandable, and enforced
  • Design and run security awareness programs that change behaviour, not just tick boxes
  • Own the incident response plan and lead execution when incidents occur
  • Coordinate with Engineering, Legal, and leadership during incidents
  • Drive post-incident reviews and close findings with owners

Requirements

  • 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company
  • Proven ownership of ISO 27001 and/or SOC 2 programs
  • Track record of representing InfoSec to enterprise customers, including security reviews and escalations
  • Fluent in German and English
  • Comfortable with AI-driven tooling
  • actively looks for automation opportunities in compliance and operations

Nice to have

  • Experience supporting or preparing for M&A or investor due diligence processes
  • Background working alongside Legal, Procurement, and Engineering
  • Practical understanding of cloud security architecture (enough to challenge and validate, not operate)
  • Relevant certification: CISM, CISSP, ISO 27001 Lead Auditor/Implementer, or equivalent

What we offer

  • Competitive Compensation - we offer attractive salary packages including LTIP (unit-based Long Term Incentive Plan)
  • Flexibility - we offer flexible working time models and the option of hybrid work, and support this with a yearly flex work allowance of €1560
  • Recharge - with 31 vacation days annually (incl. one floating holiday), plus pro rata fully paid Fridays off during August
  • Support - we’re offering a company pension scheme
  • Volunteers Day - you’ll get one day off per year for supporting a social project

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Principal Information Security Manager

8 matching positions

New

Principal Information Security Manager

This is not a build-from-scratch role. It is a step up in maturity: fewer manual...
Location
Location
Germany , Berlin
Salary
Salary:
Not provided
staffbase.com Logo
Staffbase
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company
  • Proven ownership of ISO 27001 and/or SOC 2 programs
  • Track record of representing InfoSec to enterprise customers, including security reviews and escalations
  • Must be fluent in German and English
  • Comfortable with AI-driven tooling
  • actively looks for automation opportunities in compliance and operations
Job Responsibility
Job Responsibility
  • Lead ISO 27001 and SOC 2 audit cycles end-to-end
  • Own the control framework
  • Prepare the InfoSec program for investor and M&A due diligence scrutiny
  • Own the response to enterprise customer security questionnaires and RFPs
  • Represent Staffbase in customer security reviews, calls, and audits
  • Build scalable approaches to reduce response time
  • Maintain the risk register and drive risk treatment decisions
  • Own vendor security assessments for critical and high-risk suppliers
  • Partner with Procurement and Legal on AI-assisted review workflows
  • Own the internal security policy framework
What we offer
What we offer
  • competitive compensation including LTIP (unit-based Long Term Incentive Plan)
  • flexible working time models
  • hybrid work option
  • yearly flex work allowance of €1560
  • 31 vacation days annually (incl. one floating holiday)
  • pro rata fully paid Fridays off during August
  • company pension scheme
  • one Volunteers Day per year for supporting a social project
  • Fulltime
Read More
Arrow Right

Principal Information Security Manager

This is not a build-from-scratch role. It is a step up in maturity: fewer manual...
Location
Location
Germany , Berlin
Salary
Salary:
Not provided
staffbase.com Logo
Staffbase
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company
  • Proven ownership of ISO 27001 and/or SOC 2 programs
  • Track record of representing InfoSec to enterprise customers, including security reviews and escalations
  • Fluent in German and English
  • Comfortable with AI-driven tooling
  • actively looks for automation opportunities in compliance and operations
Job Responsibility
Job Responsibility
  • Lead ISO 27001 and SOC 2 audit cycles end-to-end in preparation, evidence collection, auditor management, and findings remediation
  • Own the control framework and ensure it stays current as the business evolves
  • Prepare the InfoSec program for investor and M&A due diligence scrutiny
  • Own the response to enterprise customer security questionnaires and RFPs
  • Represent Staffbase credibly in customer security reviews, calls, and audits
  • Build scalable approaches (automation, templates, knowledge base) to reduce response time without sacrificing quality
  • Maintain the risk register and drive risk treatment decisions with relevant stakeholders
  • Own vendor security assessments for critical and high-risk suppliers
  • Partner with Procurement and Legal on AI-assisted review workflows
  • Own the internal security policy framework, keep it current, understandable, and enforced
What we offer
What we offer
  • attractive salary packages including LTIP (unit-based Long Term Incentive Plan)
  • flexible working time models and the option of hybrid work
  • yearly flex work allowance of €1560
  • 31 vacation days annually (incl. one floating holiday)
  • pro rata fully paid Fridays off during August
  • company pension scheme
  • one day off per year for supporting a social project (Volunteers Day)
  • Fulltime
Read More
Arrow Right

Principal Information Security Manager

We inspire people to achieve great things together. Our mission is to help organ...
Location
Location
Germany , Dresden
Salary
Salary:
Not provided
staffbase.com Logo
Staffbase
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company
  • Proven ownership of ISO 27001 and/or SOC 2 programs
  • Track record of representing InfoSec to enterprise customers, including security reviews and escalations
  • Fluent in German and English
  • Comfortable with AI-driven tooling
  • actively looks for automation opportunities in compliance and operations
  • Experience supporting or preparing for M&A or investor due diligence processes
  • Background working alongside Legal, Procurement, and Engineering
  • Practical understanding of cloud security architecture (enough to challenge and validate, not operate)
  • Relevant certification: CISM, CISSP, ISO 27001 Lead Auditor/Implementer, or equivalent
Job Responsibility
Job Responsibility
  • Act as the senior deputy for InfoSec within our Finance & Operations department, owning the function day-to-day
  • Lead ISO 27001 and SOC 2 audit cycles end-to-end
  • Own the control framework
  • Prepare the InfoSec program for investor and M&A due diligence scrutiny
  • Own the response to enterprise customer security questionnaires and RFPs
  • Represent Staffbase credibly in customer security reviews, calls, and audits
  • Build scalable approaches to reduce response time
  • Maintain the risk register and drive risk treatment decisions
  • Own vendor security assessments for critical and high-risk suppliers
  • Partner with Procurement and Legal on AI-assisted review workflows
What we offer
What we offer
  • Competitive Compensation - we offer attractive salary packages including LTIP
  • Flexibility - we offer flexible working time models and the option of hybrid work, and support this with a yearly flex work allowance of €1560
  • Recharge - with 31 vacation days annually (incl. one floating holiday), plus pro rata fully paid Fridays off during August
  • Support - we're offering a company pension scheme
  • Volunteers Day - you'll get one day off per year for supporting a social project
  • Fulltime
Read More
Arrow Right

Principal Security Engineering Manager

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location
Location
United States , Redmond
Salary
Salary:
142800.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR equivalent experience
  • 1+ year(s) people management experience
  • Candidates must be able to meet Microsoft, customer and/or government security screening requirements are required for this role
  • These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check
Job Responsibility
Job Responsibility
  • Lead a team that operates and improves production tenant security, driving consistent execution, governance, and hygiene across critical environments
  • Own end-to-end security risk program mechanics: intake → triage → prioritization → burn-down, with clear ownership, milestones, and measurable outcomes
  • Drive platform and operational improvements that reduce recurring misconfigurations, long-lived exceptions, and manual enforcement in production environments
  • Partner with engineering and security teams to strengthen isolation boundaries, reduce attack paths, and maintain durable security controls over time
  • Build and run incident readiness mechanisms (playbooks, coordination, post-incident follow-ups) to improve response effectiveness and reduce repeat issues
  • Develop and coach a high-performing team with a strong planning and execution culture, balancing partner needs with intentional prioritization
  • Fulltime
Read More
Arrow Right

Information Systems Security Manager

Palantir's impact and productivity in the US Government (USG) space depends on o...
Location
Location
United States , New York
Salary
Salary:
100000.00 - 174000.00 USD / Year
palantir.com Logo
Palantir Technologies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active US TOP SECRET or SECRET with willingness and ability to upgrade to TOP SECRET security clearance
  • Intermediate level foundational certification ISSM(722) (per DOD 8140), in 8570 this was known as IAM Level 2 certification
  • Active Computing Environmental certification such as Linux+, CCNA, or other
  • At least 3 years experience in a technical role (user support, technical compliance, system administration, etc.) at an accredited USG facility
  • Demonstrated proficiency in relevant Windows administration tasks including AD, DNS, Group Policy, and SCCM/MDT
  • Practical experience with automation tools, including Powershell and Python
Job Responsibility
Job Responsibility
  • Serve as the principal advisor on all matters, technical and otherwise, involving the security of the systems under their purview
  • Scale our infrastructure by creatively implementing automated solutions
  • Collaborate with your fellow ISSMs, ISSOs, FSOs, and broader business stakeholders to provide consistent solutions to all of our facilities
  • Create and manage user-facing guides, POA&Ms, SSPs, ATOs, and other relevant USG documentation
  • Integrate new hardware and software technologies into our USG infrastructure
  • Familiar with eMASS and managing the system security authorization package to ensure all requirements are met and submitted
  • Ensure all requirements and implementation procedures listed within the system security authorization package are in accordance with the NISPOM, NIST SP 800-53, DAAPM, or other governing policies
  • Manage relationships with upstream vendors and sponsors
  • User account provisioning, deletions, and general LDAP & AD maintenance
  • Familiar with using ELK or other SIEMS to build reports and visualizations to ensure monitoring, alerting, and auditing requirements are met
What we offer
What we offer
  • Employees (and their eligible dependents) can enroll in medical, dental, and vision insurance as well as voluntary life insurance
  • Employees are automatically covered by Palantir’s basic life, AD&D and disability insurance
  • Commuter benefits
  • Relocation assistance
  • Take what you need paid time off, not accrual based
  • 2 weeks paid time off built into the end of each year (subject to team and business needs)
  • 10 paid holidays throughout the calendar year
  • Supportive leave of absence program including time off for military service and medical events
  • Paid leave for new parents and subsidized back-up care for all parents
  • Fertility and family building benefits including but not limited to adoption, surrogacy, and preservation
  • Fulltime
Read More
Arrow Right

Principal Security Assurance Engineering Manager

Microsoft’s Specialized Cloud Team in the national security, classified, and hig...
Location
Location
United States , Reston
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 6+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection OR equivalent experience
  • 1+ year(s) people management
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • Verification of U.S. citizenship
Job Responsibility
Job Responsibility
  • Enterprise Industrial Security Leadership: Interpret, operationalize, and govern requirements under NISPOM (32 CFR Part 117), SEADs, DoD Instructions, DFARS clauses, and customer specific security directives
  • Anticipate and mitigate enterprise level risks that could jeopardize Facility Clearances (FCLs), classified contracts, or customer trust
  • Cross Organizational Governance & Influence: Drive alignment across Engineering, Operations, Datacenters, Legal (CELA), HR, Physical Security, and secure/sovereign cloud teams
  • Establish clear governance models, accountability mechanisms, and escalation paths
  • Lead high risk decision making involving regulatory exposure, personnel adjudication, insider threat concerns, and facility accreditation
  • Facility Clearance & Classified Environment Management: Provide governance and oversight for the full lifecycle of classified facilities, including SCIFs and SAPF environments
  • Ensure accreditation readiness, material change management, and sustained compliance across facilities and business units
  • Protect Microsoft’s corporate and subordinate FCL posture through proactive risk management
  • Fulltime
Read More
Arrow Right
New

Principal Technical Program Manager - FDE - Security Check (SC) Clearance

This role requires to work with the UK Defense and Intelligence. The successful ...
Location
Location
United Kingdom , London
Salary
Salary:
93500.00 - 161800.00 GBP / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree AND experience in engineering, product/technical program management, data analysis, or product development OR equivalent experience
  • Experience managing cross-functional and/or cross-team projects
  • Experience partnering directly with customers or internal stakeholders to deliver solutions end-to-end
  • Experience managing cross-functional and/or cross-team projects (preferred)
  • Experience in customer-facing technical roles (e.g., consulting, solutions engineering, field engineering, or similar) (preferred)
  • Experience with AI/ML technologies, cloud architecture, data engineering, and using AI tools and workflows in creating software engineering artifacts (preferred)
  • Enjoy travel and are comfortable with travel up to 25% (preferred)
Job Responsibility
Job Responsibility
  • Lead complex technical programs from problem definition through to delivered outcomes
  • Drive decisions that directly influence business strategy and customer outcomes
  • Collaborate with leading global organizations across industries
  • Apply the latest advancements in AI and engineering workflows to deliver value at scale
  • Embed with strategic customers to lead complex technical programs with high autonomy, aligning business needs with engineering solutions across AI, cloud, and data
  • Take ownership of the customer journey end-to-end, from problem definition through co-engineering delivery to measurable business outcomes
  • Apply AI assisted engineering practices as a daily operating mode
  • Operate fluently in engineering tooling (e.g., VS Code, GitHub, AI agents) as primary work surfaces for planning, documentation, and technical program leadership
  • Validate AI-generated outputs with domain expertise to maintain quality at speed
  • Navigate ambiguity in customer environments with self-direction and high ownership
What we offer
What we offer
  • Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work
  • Certain roles may be eligible for benefits and other compensation
  • Fulltime
Read More
Arrow Right

Principal Product Manager, Agent 365 Security & Governance

Microsoft’s mission is to empower every person and every organization on the pla...
Location
Location
United States , Redmond
Salary
Salary:
142800.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree AND 8+ years experience in product/service/program management or software development OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
Job Responsibility
Job Responsibility
  • Own and articulate the product vision and strategy for AI agent security, including the detection and containment of unsanctioned AI activity across the enterprise
  • Define the category narrative for agent governance, establishing Microsoft as the recognized leader
  • Drive cross-organization alignment across Microsoft's security, identity, and data-governance solutions to deliver coherent, actionable risk intelligence to customers
  • Partner with the security ecosystem to position Microsoft as the orchestration layer for agent risk, working alongside third-party security and posture-management providers
  • Translate raw security telemetry into actionable signals: agent risk and criticality, intent and impact assessment, risk categorization, and remediation experiences
  • Represent Microsoft externally with chief information security offices (CISOs), security advisory boards, and industry analysts, and bring that market insight back into the product roadmap
  • Deliver security capabilities for regulated and government cloud environments
  • Elevate product craft across the team by mentoring PMs, modeling excellence, and setting a high bar for quality and impact
  • Fulltime
Read More
Arrow Right