Head of Information Security & Technology Compliance

Head of Information Security & Technology Compliance

Get AI-powered advice on this job and more exclusive features.

About Us At ATOSS Software SE, we are driving the future of workforce management. With our software solutions, we are helping our customers to work more creatively, intelligently and humanely, revolutionizing and optimizing the interplay between profitability and humanity. With 19 consecutive years of record growth, inclusion in the SDAX and TecDAX, we continue to expand globally.

About The Role The Head of Information Security & Technology Compliance is responsible for developing, implementing, and overseeing the Information Security & Technology Compliance strategy at ATOSS. They act as both a strategic driver in Information Security and a counterpart to Product Development in interpreting and translating regulatory IT requirements. The goal is to protect corporate and customer data, ensure regulatory compliance and information security across the ATOSS infrastructure and product landscape, and maintain a high level of operational security.

Core Responsibilities

Security Strategy & Governance

• Maintain and continuously improve the Information Security Management System (ISMS) in line with ISO27001:2022, including audits
• Design and execute a comprehensive information security strategy
• Establish and enforce security policies and procedures
• Evaluate and expand relevant ISO certifications (e.g., ISO27018 for cloud privacy, ISO27017 for cloud security)
• Ensure compliance with regulatory and legal requirements (e.g., ISO27001, GDPR, NIS2, AI Act, Cyber Resilience Act)
• Review security requirements in procurement processes with a view to supporting business value
• Assess and align customer-specific security requirements during the sales cycle with a focus on business enablement

Risk Management & IT Compliance

• Identify, assess, and mitigate information security risks
• Conduct risk assessments and security audits
• Collaborate with internal and external auditors

Security Incidents & Crisis Management

• Build and develop an Incident Response Management framework
• Establish and evolve an Emergency Crisis Management structure, including scenarios, organization, and exercises
• Build and implement a Business Continuity Management system

Product Enablement & IT Regulation

• Translate legal and regulatory requirements (ISO27001, GDPR, NIS2, AI Act, Cyber Resilience Act) into actionable measures for products and services
• Develop and expand AI and R&D enablement strategies from a regulatory perspective
• Create concepts and processes to ensure product compliance with relevant IT regulations

Security Awareness & Training

• Conduct training sessions on security best practices for employees
• Deliver targeted training for sales teams on product-related information security
• Strengthen competencies in R&D regarding security and regulatory topics
• Promote a company-wide culture of security awareness

Required Qualifications & Experience

• University degree, preferably in Business Informatics or Industrial Engineering
• Minimum 8 years of in-depth experience in Information Security and in a senior information security role
• Deep knowledge of relevant standards and frameworks with practical implementation experience
• Proven leadership and stakeholder management experience in an agile environment
• Strong enablement mindset

Our Benefits

• Competitive Rewards: Including profit-sharing and employee stock program.
• Structured Onboarding & Continuous Leadership Development: Clear career paths onboarding through Expert & Leadership Tracks, plus access to ATOSS Academy.
• Flexible Work Culture: Hybrid options (remote within the EU), 30 days of vacation, and a strong commitment to diversity & inclusion.
• Engaging Team Environment: Seasonal company events, team retreats, and an in-house barista.
• Health & Wellbeing: Including regular check-ups, corporate wellness programs, and Wellpass membership.
• Stability & Growth: Company listed on SDAX & TecDAX, with 19+ years of record-breaking revenue and a 30%+ EBIT margin. Certified Top Employer for the 5th year in a row.

At ATOSS, great talent knows no limits. We welcome professionals from all backgrounds and empower their growth through an inclusive, skill-focused environment.

Join us and be part of a high-growth, future-focused company!

Seniority level

• Executive

Employment type

• Full-time

Job function

• Information Technology
• Industries: Software Development

Referrals increase your chances of interviewing at ATOSS Software SE by 2x

(Senior) Information Security Manager (w/m/d)

Senior Information Security Manager (m/w/d)

Information Security Risk Specialist (f/m/d) - Limited to 18 Months

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr