Information Security Officer all genders

Doodle is the worlds leading scheduling platform helping millions of people instantly set meetings with clients colleagues and teams. Tapping into the unique nature of smart scheduling Doodle simplifies the planning of 1:1 and group meetings for busy professionals. As the worlds most trusted online scheduling platform Doodle attracts more than 25 million visitors each month. Nows your chance to join 100 ambitious engineers designers product managers marketers and salespeople on a mission to make great meetings happen. Doodle is headquartered in Zurich with offices in Belgrade and Berlin and some colleagues working remotely from the US.

To secure our infrastructure and services and protect our customer data we are in
pursuit of a riskminded cloudfocused

INFORMATION SECURITY OFFICER

As an Information Security Officer youll identify and mitigate new security risks ensuring alignment with our risk appetite. Youll drive security awareness training and maintain industrybest information security policies. Collaborate with teams on our security roadmap and lead security by design and privacy by design discussions. Youll oversee compliance audits and assessments and contribute to business resilience and disaster recovery planning. Your team is based in Berlin and Zurich and this hybrid role allows you to work from anywhere in Germany.

Your tasks and responsibilities:

• Identify new security developments requirements and risks and take the lead in ensuring these are actioned by the business in line with Doodles risk appetite
• Drive security awareness training for general staff and specialized roles
• Maintain information security policies for key control areas in line with industry best practices
• Collaborate with various teams on maintaining the security roadmap
• Lead the discussions for current implementations of security by design and privacy by design in our products
• Coordinate and oversee information security compliance audits and assessments (e.g. supplier risk assessments SOC 2 Type II penetration testing external audits etc.)
• Provide key inputs into business resilience working across functional verticals on business continuity management and disaster recovery planning
• Oversee the development and maintenance of policies standards and procedures
• Support the CISO with the annual planning and budgeting management reporting and risk governance meetings
• Assist in identifying and improving security controls in the CI/CD pipeline
  

Your profile:

• Experience planning and executing technical and targeted risk assessments on IT infrastructure applications technologies and third parties
  
• Familiarity with assessing internal controls processes and policies related to Information Technology (IT) and Information Security (IS) identifying deficiencies and developing remediation strategies
  
• Adept at maintaining risk registers and executing and monitoring information security programs
  
• Ability to effectively identify information security risks and make recommendations that are appropriate practical and costeffective
  
• Knowledgeable of cloud platforms and related security controls (e.g. AWS Azure GCP etc.)
  
• Good understanding of privacy and security regulations standards and frameworks such as SOC 2 ISO 27001 NIST CSF CIS Critical Controls GDPR etc
  
• Knowledge and experience in areas such as privacy consent management and data governance are a plus
  
• Certified in CISSP CISA CRISC CCSK with expertise in privacy consent management and data governance is a plus
  
• Selfmotivated proactive and efficient with strong interpersonal organizational project management and communication skills able to work autonomously or within a team and articulate security risks to various management levels.

We offer:

• Competitive salary
• Remotefriendly culture
• 30 vacation days
• Summer Fridays Pilot eligibility (4.5 days week in summer)
• 8 paid training / conference days per year
• Wellbeing Budget for your mental and physical wellbeing
• Pension scheme eligibility
• Headspace Membership
• Birthday gift
• Company lunches/team building events
• Top notch equipment (MacBook keyboard trackpad)
• Doodle Premium memberships for you your friends and your family

Hiring Journey:

• Cognitive & personality assessment
  
• Interview with the Chief Information Security Officer (CISO)
  
• Case Study
  
• Interview withChief Technology Officer(CTO) andCISO
  
• Meet the Team and Culture Fit Interview
  
• Reference checks
  
• Offer
  

So Get in Touch!

At Doodle were committed to providing an environment of mutual trust and respect where equal employment opportunities (EEO) are available to all applicants and teammates without regard to age race color disability religion gender and sexual orientation. Diversity and inclusion are of utmost importance to us. Were committed to building a team that represents a variety of backgrounds perspectives and skills. The more inclusive we are the better our work and our products will be. We want to hear from you so please dont hesitate to apply!