Principal Information Security Manager

Germany, Berlin · Job Posted May 28, 2026

Job Description

This is not a build-from-scratch role. It is a step up in maturity: fewer manual processes and sharper governance. The position sits at the center of the InfoSec team; you coordinate across teams, own outcomes and represent the function. You are comfortable being the person customers and auditors talk to. You think in programs and systems, not tasks. You identify where manual effort can be replaced by tooling or AI-assisted workflows, and are empowered to drive that change as we build out our AI-driven operating model across the company. You will act as the senior deputy for InfoSec within our Finance & Operations department, owning the function day-to-day, representing it internally and externally, and making it run with less friction and more intelligence. You report directly to the SVP Business Operations & Transformation and work closely with Legal, Procurement, Engineering, external auditors and enterprise customers.

Job Responsibility

  • Lead ISO 27001 and SOC 2 audit cycles end-to-end: preparation, evidence collection, auditor management, and findings remediation
  • Own the control framework and ensure it stays current as the business evolves
  • Prepare the InfoSec program for investor and M&A due diligence scrutiny
  • Own the response to enterprise customer security questionnaires and RFPs
  • Represent Staffbase credibly in customer security reviews, calls, and audits
  • Build scalable approaches (automation, templates, knowledge base) to reduce response time without sacrificing quality
  • Maintain the risk register and drive risk treatment decisions with relevant stakeholders
  • Own vendor security assessments for critical and high-risk suppliers
  • Partner with Procurement and Legal on AI-assisted review workflows
  • Own the internal security policy framework, keep it current, understandable, and enforced
  • Design and run security awareness programs that change behaviour, not just tick boxes
  • Own the incident response plan and lead execution when incidents occur
  • Coordinate with Engineering, Legal, and leadership during incidents
  • Drive post-incident reviews and close findings with owners

Requirements

  • 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company
  • Proven ownership of ISO 27001 and/or SOC 2 programs
  • Track record of representing InfoSec to enterprise customers, including security reviews and escalations
  • Fluent in German and English
  • Comfortable with AI-driven tooling; actively looks for automation opportunities in compliance and operations

Nice to have

  • Experience supporting or preparing for M&A or investor due diligence processes
  • Background working alongside Legal, Procurement, and Engineering
  • Practical understanding of cloud security architecture (enough to challenge and validate, not operate)
  • Relevant certification: CISM, CISSP, ISO 27001 Lead Auditor/Implementer, or equivalent

What we offer

  • attractive salary packages including LTIP (unit-based Long Term Incentive Plan)
  • flexible working time models and the option of hybrid work
  • yearly flex work allowance of €1560
  • 31 vacation days annually (incl. one floating holiday)
  • pro rata fully paid Fridays off during August
  • company pension scheme
  • one day off per year for supporting a social project (Volunteers Day)

Similar Jobs for Principal Information Security Manager

8 matching positions

Principal Information Security Manager

The next chapter is about making it investor-ready, AI-efficient, and capable of...
Location: Germany, Chemnitz
Salary: Not provided
Company: Staffbase
Expiration Date: Until further notice

Requirements
  • 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company
  • Proven ownership of ISO 27001 and/or SOC 2 programs
  • Track record of representing InfoSec to enterprise customers, including security reviews and escalations
  • Fluent in German and English
  • Comfortable with AI-driven tooling; actively looks for automation opportunities in compliance and operations
Job Responsibility
  • Lead ISO 27001 and SOC 2 audit cycles end-to-end: preparation, evidence collection, auditor management, and findings remediation
  • Own the control framework and ensure it stays current as the business evolves
  • Prepare the InfoSec program for investor and M&A due diligence scrutiny
  • Own the response to enterprise customer security questionnaires and RFPs
  • Represent Staffbase credibly in customer security reviews, calls, and audits
  • Build scalable approaches (automation, templates, knowledge base) to reduce response time without sacrificing quality
  • Maintain the risk register and drive risk treatment decisions with relevant stakeholders
  • Own vendor security assessments for critical and high-risk suppliers
  • Partner with Procurement and Legal on AI-assisted review workflows
  • Own the internal security policy framework, keep it current, understandable, and enforced
What we offer
  • Competitive Compensation - we offer attractive salary packages including LTIP (unit-based Long Term Incentive Plan)
  • Flexibility - we offer flexible working time models and the option of hybrid work, and support this with a yearly flex work allowance of €1560
  • Recharge - with 31 vacation days annually (incl. one floating holiday), plus pro rata fully paid Fridays off during August
  • Support - we’re offering a company pension scheme
  • Volunteers Day - you’ll get one day off per year for supporting a social project

Principal Information Security Manager

We inspire people to achieve great things together. Our mission is to help organ...
Location: Germany, Dresden
Salary: Not provided
Company: Staffbase
Expiration Date: Until further notice

Requirements
  • 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company
  • Proven ownership of ISO 27001 and/or SOC 2 programs
  • Track record of representing InfoSec to enterprise customers, including security reviews and escalations
  • Fluent in German and English
  • Comfortable with AI-driven tooling; actively looks for automation opportunities in compliance and operations
  • Experience supporting or preparing for M&A or investor due diligence processes
  • Background working alongside Legal, Procurement, and Engineering
  • Practical understanding of cloud security architecture (enough to challenge and validate, not operate)
  • Relevant certification: CISM, CISSP, ISO 27001 Lead Auditor/Implementer, or equivalent
Job Responsibility
  • Act as the senior deputy for InfoSec within our Finance & Operations department, owning the function day-to-day
  • Lead ISO 27001 and SOC 2 audit cycles end-to-end
  • Own the control framework
  • Prepare the InfoSec program for investor and M&A due diligence scrutiny
  • Own the response to enterprise customer security questionnaires and RFPs
  • Represent Staffbase credibly in customer security reviews, calls, and audits
  • Build scalable approaches to reduce response time
  • Maintain the risk register and drive risk treatment decisions
  • Own vendor security assessments for critical and high-risk suppliers
  • Partner with Procurement and Legal on AI-assisted review workflows
What we offer
  • Competitive Compensation - we offer attractive salary packages including LTIP
  • Flexibility - we offer flexible working time models and the option of hybrid work, and support this with a yearly flex work allowance of €1560
  • Recharge - with 31 vacation days annually (incl. one floating holiday), plus pro rata fully paid Fridays off during August
  • Support - we're offering a company pension scheme
  • Volunteers Day - you'll get one day off per year for supporting a social project
  • Fulltime

Principal Information Manager

At Amentum, we're not just solving problems; we're engineering the future. Our t...
Location: United Kingdom, Bristol; Cardiff
Salary: Not provided
Company: Amentum
Expiration Date: Until further notice

Requirements
  • Commitment to performance, quality, and continuous improvement in IM
  • Ability to engage with clients and support IM solution development
  • Commercial awareness and understanding of IM service delivery
  • Experience working within cross-functional IM teams
  • Expertise in ISO 19650 and related IM standards
  • Strong foundation in Information Management principles
  • Ability to influence policy and standards
  • Focus on performance, quality, and innovation
  • Significant experience in IM or digital delivery
  • Advanced degree or equivalent experience
Job Responsibility
  • Support the delivery of Information Management (IM) services across portfolios or frameworks
  • Contribute to shaping IM delivery models
  • Ensure consistent application of IM standards
  • Collaborate with senior stakeholders
  • Focus on technical excellence and service consistency within IM
What we offer
  • Free single medical cover and digital GP service
  • Enhanced parental leave pay
  • Free membership of employee assistance and parental programmes
  • Reimbursement towards relevant professional development and memberships
  • Work-life balance and flexibility
  • Hybrid, part-time and flexible working hours, patterns and locations discussed
  • Fulltime

Principal Information Manager

At Amentum, we're not just solving problems; we're engineering the future. Our t...
Location: United Kingdom, Reading
Salary: Not provided
Company: Amentum
Expiration Date: Until further notice

Requirements
  • Commitment to performance, quality, and continuous improvement in IM
  • Ability to engage with clients and support IM solution development
  • Commercial awareness and understanding of IM service delivery
  • Experience working within cross-functional IM teams
  • Expertise in ISO 19650 and related IM standards
  • Strong foundation in Information Management principles
  • Ability to influence policy and standards
  • Focus on performance, quality, and innovation
  • Significant experience in IM or digital delivery
  • Advanced degree or equivalent experience
Job Responsibility
  • Support the delivery of Information Management (IM) services across portfolios or frameworks
  • Contribute to shaping IM delivery models
  • Ensure consistent application of IM standards
  • Collaborate with senior stakeholders
  • Focus on technical excellence and service consistency within IM
What we offer
  • Free single medical cover and digital GP service
  • Enhanced parental leave pay
  • Free membership of employee assistance and parental programmes
  • Reimbursement towards relevant professional development and memberships
  • Work-life balance and flexibility
  • Hybrid, part-time and flexible working hours, patterns and locations discussed
  • Fulltime

Information Systems Security Manager

Palantir's impact and productivity in the US Government (USG) space depends on o...
Location: United States, New York
Salary: 100000.00 - 174000.00 USD / Year
Company: Palantir Technologies
Expiration Date: Until further notice

Requirements
  • Active US TOP SECRET or SECRET with willingness and ability to upgrade to TOP SECRET security clearance
  • Intermediate level foundational certification ISSM(722) (per DOD 8140), in 8570 this was known as IAM Level 2 certification
  • Active Computing Environmental certification such as Linux+, CCNA, or other
  • At least 3 years experience in a technical role (user support, technical compliance, system administration, etc.) at an accredited USG facility
  • Demonstrated proficiency in relevant Windows administration tasks including AD, DNS, Group Policy, and SCCM/MDT
  • Practical experience with automation tools, including Powershell and Python
Job Responsibility
  • Serve as the principal advisor on all matters, technical and otherwise, involving the security of the systems under their purview
  • Scale our infrastructure by creatively implementing automated solutions
  • Collaborate with your fellow ISSMs, ISSOs, FSOs, and broader business stakeholders to provide consistent solutions to all of our facilities
  • Create and manage user-facing guides, POA&Ms, SSPs, ATOs, and other relevant USG documentation
  • Integrate new hardware and software technologies into our USG infrastructure
  • Familiar with eMASS and managing the system security authorization package to ensure all requirements are met and submitted
  • Ensure all requirements and implementation procedures listed within the system security authorization package are in accordance with the NISPOM, NIST SP 800-53, DAAPM, or other governing policies
  • Manage relationships with upstream vendors and sponsors
  • User account provisioning, deletions, and general LDAP & AD maintenance
  • Familiar with using ELK or other SIEMS to build reports and visualizations to ensure monitoring, alerting, and auditing requirements are met
What we offer
  • Employees (and their eligible dependents) can enroll in medical, dental, and vision insurance as well as voluntary life insurance
  • Employees are automatically covered by Palantir’s basic life, AD&D and disability insurance
  • Commuter benefits
  • Relocation assistance
  • Take what you need paid time off, not accrual based
  • 2 weeks paid time off built into the end of each year (subject to team and business needs)
  • 10 paid holidays throughout the calendar year
  • Supportive leave of absence program including time off for military service and medical events
  • Paid leave for new parents and subsidized back-up care for all parents
  • Fertility and family building benefits including but not limited to adoption, surrogacy, and preservation
  • Fulltime

Principal Security Assurance Engineering Manager

Microsoft’s Specialized Cloud Team in the national security, classified, and hig...
Location: United States, Reston
Salary: 139900.00 - 274800.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice

Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 6+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection OR equivalent experience
  • 1+ year(s) people management
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • Verification of U.S. citizenship
Job Responsibility
  • Enterprise Industrial Security Leadership: Interpret, operationalize, and govern requirements under NISPOM (32 CFR Part 117), SEADs, DoD Instructions, DFARS clauses, and customer specific security directives
  • Anticipate and mitigate enterprise level risks that could jeopardize Facility Clearances (FCLs), classified contracts, or customer trust
  • Cross Organizational Governance & Influence: Drive alignment across Engineering, Operations, Datacenters, Legal (CELA), HR, Physical Security, and secure/sovereign cloud teams
  • Establish clear governance models, accountability mechanisms, and escalation paths
  • Lead high risk decision making involving regulatory exposure, personnel adjudication, insider threat concerns, and facility accreditation
  • Facility Clearance & Classified Environment Management: Provide governance and oversight for the full lifecycle of classified facilities, including SCIFs and SAPF environments
  • Ensure accreditation readiness, material change management, and sustained compliance across facilities and business units
  • Protect Microsoft’s corporate and subordinate FCL posture through proactive risk management
  • Fulltime

Principal Product Manager, AI Model Security

We are hiring a Product Manager to own AI model security — the discipline of mak...
Location: United States, Redmond
Salary: 139900.00 - 274800.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice

Requirements
  • Bachelor's Degree AND 5+ years experience in product management, security engineering, or software development OR equivalent experience
  • Demonstrated hands-on experience with AI/ML systems — you have personally built, evaluated, or shipped ML-powered products or security tools
  • Deep familiarity with LLM security threats: prompt injection, jailbreaking, data exfiltration, adversarial attacks on generative models — through professional experience, red-teaming, or security research
  • Experience defining product requirements and driving decisions in partnership with researchers or ML engineers
  • Track record of building evaluation systems, security benchmarks, or adversarial testing frameworks — not just consuming them
  • Ability to operate autonomously, make decisions with incomplete information, and drive projects from ambiguity to shipped outcomes
Job Responsibility
  • Own the model security roadmap
  • Drive zero-day and exploit defense
  • Build and scale red-teaming frameworks
  • Partner with Microsoft Security product teams
  • Define security-specific model evaluations
  • Shape security policy and launch readiness
  • Stay at the frontier
  • Influence model training and architecture
  • Fulltime

Principal, Systems and Infrastructure Engineer, Information Security

Are you driven to design durable, scalable, and well-governed cloud platforms th...
Location: United States of America, Denver
Salary: 121000.00 - 242000.00 USD / Year
Company: Walmart
Expiration Date: Until further notice

Requirements
  • Option 1: Bachelor's degree in computer science, information technology, engineering, information systems, cybersecurity, or related area and 5 years' experience in systems and infrastructure engineering or related area at a technology, retail, or data-driven company.
  • Option 2: 7 years' experience in systems and infrastructure engineering or related area at a technology, retail, or data-driven company.
Job Responsibility
  • Lead the migration and modernization of a large portfolio of applications and databases from AWS to GCP and Azure, ensuring reliability, security, and minimal disruption.
  • Design target-state architectures and migration patterns that balance scalability, resilience, cost, and operational simplicity.
  • Evaluate cloud-native services and guide architectural tradeoffs across AWS, GCP, and Azure.
  • Establish reference architectures, landing zone standards, and platform patterns used across the organization.
  • Architect, build, and maintain complex, reusable Infrastructure-as-Code solutions using Terraform and Terragrunt.
  • Develop Python and Bash automation to support infrastructure lifecycle management, migrations, governance, and operational workflows.
  • Drive consistency and quality through shared modules, versioning strategies, and code review standards.
  • Integrate IaC and automation into CI/CD pipelines using GitHub Actions and related tooling.
  • Drive containerization and platform adoption using Docker and Kubernetes, enabling scalable and resilient application deployments.
  • Design and maintain robust CI/CD pipelines that support fast, safe, and repeatable infrastructure and application delivery.
What we offer
  • Health benefits include medical, vision and dental coverage.
  • Financial benefits include 401(k), stock purchase and company-paid life insurance.
  • Paid time off benefits include PTO (including sick leave), parental leave, family care leave, bereavement, jury duty, and voting.
  • Other benefits include short-term and long-term disability, company discounts, Military Leave Pay, adoption and surrogacy expense reimbursement.
  • Live Better U education benefit program
  • Annual or quarterly performance bonuses
  • Stock
  • Fulltime