(Senior) Information Security Officer - (f/m/d)

At **Shiftmove **, we are developing the next generation of connected mobility products, enabling companies to make informed, data-driven decisions. Our goal is to make complex processes intuitive and efficient creating real added value from data for thousands of B2B customers across Europe and beyond.

As the **(Senior) Information Security Officer , you will be the primary architect of our security governance and risk management structure. You will operate as an independent voice, transitioning our security posture from a supporting function to a strategic pillar. This is a "ground-up" build where you will define the security DNA of a scaling SaaS group, ensuring we remain a trusted partner for global enterprise customers in an increasingly regulated landscape ( NIS2, ISO 27001 **).

Your Responsibilities

• Strategy & Roadmap: Develop and implement a group-wide information security and compliance strategy aligned with ISO 27001 and upcoming regulatory requirements like NIS2.
• ISMS Development: Build and operate a robust Information Security Management System (ISMS), starting with a structured gap analysis and a prioritized delivery roadmap.
• Security Governance: Define clear security requirements across Product, Engineering, and IT, ensuring implementation through accountable ownership and clear documentation.
• Risk Management: Identify, assess, and clearly communicate security risks, enabling leadership to make pragmatic, risk-based decisions aligned with business priorities.
• Compliance Expert: Act as the primary expert and main point of contact for security topics during enterprise customer discussions, external audits, and due diligence processes.
• Technical Advocacy: Collaborate closely with IT Ops and Engineering to embed "Security by Design" into modern cloud (AWS and Azure) and product architectures.
• Stakeholder Influence: Serve as a solution-oriented advisor to the board and senior management, translating complex technical risks into clear business impact.

Requirements

• Information Security Expertise: Several years of experience in a security or compliance role, specifically building or significantly improving an ISMS (ISO 27001) in a SaaS or tech-driven environment.
• Regulatory Knowledge: Deep understanding of frameworks such as NIS2, DORA, or similar compliance regimes, with the ability to translate legal text into operational reality.
• Applied Technical Credibility: Experience in cloud security, infrastructure, or DevSecOps, allowing you to define requirements that are both secure and technically feasible.
• Strategic Thinking: Ability to combine domain expertise with big-picture thinking to anticipate trends and identify strategic opportunities for the group.
• Stakeholder Management: Exceptional communication skills with the ability to influence senior leadership and cross-functional teams without formal authority.
• Executional Excellence: A proven track record of driving high-quality results by setting clear priorities, removing obstacles, and following through on complex roadmaps.
• Pragmatism: A risk-based approach to security that balances high-standard regulatory requirements with business agility and resource constraints.
• Languages: English C1. German is a plus given our DACH footprint.

Why join us?

• **Build products with real-world impact **: We solve complex, everyday problems for thousands of businesses across Europe, replacing manual, fragmented fleet operations with data-driven, intelligent solutions people truly rely on.
• **Scale something meaningful **: We’re a profitable, PE-backed scale-up with strong fundamentals and a clear ambition (1M vehicles by 2027), offering a rare mix of stability, ownership, and pace.
• **Work in a truly international, collaborative environment **: With 40+ nationalities, English as our working language, and teams across Europe, collaboration and shared ownership are part of how we work every day.
• **Grow with autonomy and trust **: We invest heavily in product, data, and people – giving you the space to take responsibility, contribute ideas, challenge others, and do your best work while helping shape how we scale.

Benefits

• Vacation: 30 days
• Benefits: Urban Sports Club membership, Hrmony subscription, JobRad, or a subsidy for a BVG ticket.
• Health & Wellbeing: 1 mental health day per year and access to the Nilo.health platform.
• Learning & Development: Clear career paths and an annual learning budget of €2,000, among other opportunities.
• Home Office? No problem! We have a beautiful office in the heart of Berlin where we meet twice a week.
• Workation: Up to 12 weeks of remote work from any country or continent you want!
• Autonomy: We want to hire you for your expertise and knowledge, and we’ll give you the space to do your best work.
• Sustainable Growth: We are profitable and continue to grow — in a highly sustainable way, backed by a leading private-equity firm focused on technology and software.
• Culture: You’ll join a highly collaborative and high-performing team where you can contribute ideas, challenge others, and be challenged yourself.

Administrative Infos

Contract: Unlimited

Setup: Hybrid, with 2 office days /week in our Berlin Hub