Chief Information Security Officer (m/f/d)

About intive

intive is a global Tech company that combines deep industry expertise, user-centric design and world-class software engineering. With a diverse team of +3,000 people and its human-centric approach, intive creates digital products that empower users, deliver business value and make a societal impact.

intive has over 20 years of experience innovating with customers across industries, including Technology, Media and Communications, Retail, Automotive, FinTech, and Telecommunications. By focusing on creating sustainable impact through digital products, intive has won the trust of leading brands such as Audi, BASF, BMW, Deichmann, Discovery, Facebook, Tandem, Paramount and Vorwerk.

The Chief Information Security Officer is responsible for establishing and maintaining the enterprise vision, strategy, architecture, and a long-term roadmap that ensures that intive’s information assets are adequately protected. A key element of this role is communicating security at a strategic level to executive management, senior management and evangelizing security across the business to drive adoption of security best practices.

1. Develop a strategic, long-term information security and IT risk management strategy and program and supervise its implementation to ensure that intive’s information assets are adequately protected.
2. Development, planning and implementation of a long-term security strategy for the company.
3. Budget planning and calculation.
4. Planning and implementation of awareness measures to maintain and expand company-wide security perception.
5. Work with senior leaders across the business to assess and communicate acceptable levels of risk.
6. Identify, evaluate and report on information security risks, practices and projects to the Executive Committee and the Board of Directors, and provide subject matter expertise on security standards and best practices (e.g. TISAX, ISO 27001, PCI, etc.).
7. Develop the Board’s understanding of security beyond a ‘compliance-only’ view.
8. Lead the development of up-to-date information security policies, procedures, standards and guidelines, and oversee their approval, dissemination, and maintenance in line with ISO27001 and TISAX.
9. Ensure that the security management program follows applicable laws, regulations, and contractual requirements.
10. Act as the champion for the enterprise information security program and foster a security-aware culture.
11. Oversee the evaluation, selection and implementation of information security solutions that are innovative, cost-effective, and minimally disruptive.
12. Partner with enterprise architects, infrastructure, and applications teams to ensure that technologies are developed and maintained according to security policies and guidelines.
13. Manage regular intrusion detection and vulnerability reporting, internal and external IT audit groups reviews, and the coordination of all required fixes.
14. Develop business metrics to measure the effectiveness of the security management program and increase the maturity of the program over time.
15. Monitor the industry and external environment for emerging threats and advise relevant stakeholders on appropriate courses of action.
16. Liaise with law enforcement and other advisory bodies as necessary to ensure that the organization maintains a strong security posture.
17. Oversee incident response planning and the investigation of security breaches, and assist with any associated disciplinary, public relations and legal matters.

1. Degree in computer science, business informatics, business administration or a technology-related field.
2. Professional security management certifications (CISSP, CISM, CISA, Lead Auditor).
3. Knowledge of common information security management frameworks, such as ISO/IEC 27001 or TISAX.
4. Hands on experience with the implementation and certifications of information security management frameworks.
5. Excellent written and verbal communication skills and high level of personal integrity.
6. Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.
7. Experience with contract and vendor negotiations and management including managed services.
8. Supervisory and incident management skills.

We foster an environment where innovative ideas and excellence can thrive - both on-site and remotely. Our learning culture rewards curiosity and empowers our team members to learn, grow, and take charge of their careers.

• Remote Work, Flexibility & Balance: Hybrid Work. You are welcome in our offices in Munich, Regensburg, Stuttgart or Buxheim, but you don't have to be on-site. You choose your equipment: MacBook or Dell and a company cell phone of your choice for professional and private use.
• Performance management: regular partnership meetings between each employee and his manager. You can create a career path based on your goals. We provide training, mentoring, and support to help you along the way.
• Training & Mentorship: Learning and development are an important part of our corporate culture. For this we work with a skill matrix, trainings and a buddy program.
• Tech Hubs: You become part of a community of colleagues who share your interests. There is room for internal exchange and access to the latest technologies.
• Culture & Connection: We foster connections within our teams, as well as across areas of responsibility and hierarchical levels. We make sure that everyone is appreciated and feels connected to our mission and our colleagues. In addition, we organize regular team events (Summer Games, Christmas party, Oktoberfest, etc.).
• Benefits: We offer numerous additional benefits e.g working from abroad- 30 days per year worldwide, public transport, a childcare allowance, capital-forming benefits and a job bike.

#LI-AC2