Information Security Officer (all genders)
We usually respond within two weeks
Doodle is the world’s leading scheduling platform, helping millions of people instantly set meetings with clients, colleagues, and teams. Tapping into the unique nature of smart scheduling, Doodle simplifies the planning of 1:1 and group meetings for busy professionals. As the world's most trusted online scheduling platform, Doodle attracts more than 25 million visitors each month. Now’s your chance to join 100+ ambitious engineers, designers, product managers, marketers and salespeople on a mission to make great meetings happen. Doodle is headquartered in Zurich, with offices in Belgrade and Berlin and some colleagues working remotely from the US.
To secure our infrastructure and services, and protect our customer data, we are in
pursuit of a risk-minded, cloud-focused
INFORMATION SECURITY OFFICER
As an Information Security Officer, you'll identify and mitigate new security risks, ensuring alignment with our risk appetite. You'll drive security awareness training and maintain industry-best information security policies. Collaborate with teams on our security roadmap and lead 'security by design' and 'privacy by design' discussions. You’ll oversee compliance audits and assessments and contribute to business resilience and disaster recovery planning. Your team is based in Berlin and Zurich, and this hybrid role allows you to work from anywhere in Germany.
Your tasks and responsibilities:
- Identify new security developments, requirements and risks and take the lead in ensuring these are actioned by the business in line with Doodle’s risk appetite
- Drive security awareness training for general staff and specialized roles
- Maintain information security policies for key control areas in line with industry best practices
- Collaborate with various teams on maintaining the security roadmap
- Lead the discussions for current implementations of ‘security by design’ and ‘privacy by design’ in our products
- Coordinate and oversee information security compliance audits and assessments (e.g., supplier risk assessments, SOC 2 Type II, penetration testing, external audits, etc.)
- Provide key inputs into business resilience, working across functional verticals on business continuity management and disaster recovery planning
- Oversee the development and maintenance of policies, standards, and procedures
- Support the CISO with the annual planning and budgeting, management reporting and risk governance meetings
- Assist in identifying and improving security controls in the CI/CD pipeline
Your profile:
- Experience planning and executing technical and targeted risk assessments on IT infrastructure, applications, technologies, and third parties
- Familiarity with assessing internal controls, processes, and policies related to Information Technology (IT) and Information Security (IS), identifying deficiencies, and developing remediation strategies
- Adept at maintaining risk registers and executing and monitoring information security programs
- Ability to effectively identify information security risks and make recommendations that are appropriate, practical, and cost-effective
- Knowledgeable of cloud platforms and related security controls (e.g., AWS, Azure, GCP, etc.)
- Good understanding of privacy and security regulations, standards, and frameworks, such as SOC 2, ISO 27001, NIST CSF, CIS Critical Controls, GDPR, etc
- Knowledge and experience in areas such as privacy, consent management, and data governance are a plus
- Certified in CISSP, CISA, CRISC, CCSK, with expertise in privacy, consent management, and data governance is a plus
- Self-motivated, proactive, and efficient with strong interpersonal, organizational, project management, and communication skills, able to work autonomously or within a team, and articulate security risks to various management levels.
We offer:
- Competitive salary
- Remote-friendly culture
- 30 vacation days
- 8 paid training / conference days per year
- Wellbeing Budget - for your mental and physical wellbeing
- Pension scheme eligibility
- Headspace Membership
- Birthday gift
- Company lunches/team building events
- Top notch equipment (MacBook, keyboard, trackpad)
- Doodle Premium memberships for you, your friends and your family
Hiring Journey:
- Cognitive & personality assessment
- Culture Fit Interview
- Interview with the Chief Information Security Officer (CISO)
- Case Study
- Interview with Chief Technology Officer (CTO) and CISO
- Meet the Team
- Reference checks
- Offer
So, Get in Touch!
At Doodle, we’re committed to providing an environment of mutual trust and respect, where equal employment opportunities (EEO) are available to all applicants and teammates without regard to age, race, color, disability, religion, gender and sexual orientation. Diversity and inclusion are of utmost importance to us. We’re committed to building a team that represents a variety of backgrounds, perspectives and skills. The more inclusive we are, the better our work and our products will be. We want to hear from you, so please don’t hesitate to apply!
- Department
- Engineering
- Locations
- Germany
- Remote status
- Hybrid Remote
Germany
Team & Culture
We're a tight-knit team of 100+ spread out over four different countries. We’ve got our home-base in Zurich and awesome offices in Berlin and Belgrade. We also have colleagues working remotely from the USA.
We’re not a huge company so our team structure enables us to quickly implement new ideas before they get stale on the corporate ladder. Everyone here is encouraged to contribute or experiment, and if we’re in agreement about a new decision we go for it.
About Doodle
Doodle is the global scheduling leader, with more than 10 million monthly users. Our platform simplifies scheduling so that you can achieve the quickest path to mutual availability, get the most out of meetings, and find time for it all, both personally and professionally.
Doodle is a part of the Swiss media group TX Group - and headquartered in Zurich, and operating from Germany, Serbia and US.
Information Security Officer (all genders)
Loading application form
Already working at Doodle?
Let’s recruit together and find your next colleague.