Principal Information Security Manager
About Staffbase
We inspire people to achieve great things together. Our mission is to help organizations unlock the power of inspirational communication with the first AI-native Employee Experience Platform . Our industry-leading and award-winning agentic AI communications channels - intranet, employee app and email solutions - create engaging experiences that connect and empower employees.
Headquartered in Chemnitz, Germany and New York City, with offices in Berlin, London, Sydney, Tokyo, Prague, and Minneapolis–St. Paul, our diverse team of 750+ employees supports 2,000+ customers—reaching over 16.4 million employees—in transforming their employee experience.
We are proud to be a Unicorn company—privately valued at over $1 billion—demonstrating strong growth, innovation, and lasting impact in our industry. Together, we’re shaping the future of workplace communication.
Our information security program is fit for purpose and operationally sound. The next chapter is about making it investor-ready, AI-efficient, and capable of sustaining enterprise customer trust at scale.
This is not a build-from-scratch role. It is a step up in maturity: fewer manual processes and sharper governance.
The position sits at the center of the InfoSec team; you coordinate across teams, own outcomes and represent the function. You are comfortable being the person customers and auditors talk to. You think in programs and systems, not tasks. You identify where manual effort can be replaced by tooling or AI-assisted workflows, and are empowered to drive that change as we build out our AI-driven operating model across the company.What you’ll be doing
You will act as the senior deputy for InfoSec within our Finance & Operations department, owning the function day-to-day, representing it internally and externally, and making it run with less friction and more intelligence.
You report directly to the SVP Business Operations & Transformation and work closely with Legal, Procurement, Engineering, external auditors and enterprise customers.
You will own;Compliance & Audit
- Lead ISO 27001 and SOC 2 audit cycles end-to-end in preparation, evidence collection, auditor management, and findings remediation
- Own the control framework and ensure it stays current as the business evolves
- Prepare the InfoSec program for investor and M&A due diligence scrutiny
Customer Trust
- Own the response to enterprise customer security questionnaires and RFPs
- Represent Staffbase credibly in customer security reviews, calls, and audits
- Build scalable approaches (automation, templates, knowledge base) to reduce response time without sacrificing quality
Risk & Vendor Security
- Maintain the risk register and drive risk treatment decisions with relevant stakeholders
- Own vendor security assessments for critical and high-risk suppliers
- Partner with Procurement and Legal on AI-assisted review workflows
Policy & Awareness
- Own the internal security policy framework, keep it current, understandable, and enforced
- Design and run security awareness programs that change behaviour, not just tick boxes
Incident Response
- Own the incident response plan and lead execution when incidents occur
- Coordinate with Engineering, Legal, and leadership during incidents
- Drive post-incident reviews and close findings with owners
What you need to be successful
Essential Experience
- 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company
- Proven ownership of ISO 27001 and/or SOC 2 programs
- Track record of representing InfoSec to enterprise customers, including security reviews and escalations
- Must be fluent in German and English
- Comfortable with AI-driven tooling; actively looks for automation opportunities in compliance and operations
Highly Desirable
- Experience supporting or preparing for M&A or investor due diligence processes
- Background working alongside Legal, Procurement, and Engineering
- Practical understanding of cloud security architecture (enough to challenge and validate, not operate)
- Relevant certification: CISM, CISSP, ISO 27001 Lead Auditor/Implementer, or equivalent. Certification matters less than what you have built
What you'll get
- Competitive Compensation - we offer attractive salary packages including LTIP (unit-based Long Term Incentive Plan)
- Flexibility - we offer flexible working time models and the option of hybrid work, and support this with a yearly flex work allowance of €1560
- Recharge - with 31 vacation days annually (incl. one floating holiday), plus pro rata fully paid Fridays off during August
- Support - we’re offering a company pension scheme
- Volunteers Day - you’ll get one day off per year for supporting a social project
Empfohlene Jobs
Physician Assistance (Medizin) (m/w/d)
Berlin // Ab sofort // Physician Assistance (Medizin) (m/w/d) Standorte: Hugenottenplatz + Storkower Straße Praxisbeschreibung Wir suchen Unterstützung für unser Team. Willkommen bei Dr. …
Mitarbeiter Koch m/w/d
Starten (Sie) direkt ins Arbeitsleben, indem Sie sich bei uns als ausgelernter Koch m/w/d bewerben und wir die Suche für Sie übernehmen. Unsere motivierten Kollegen suchen Ihnen Ihre optimale Anstell…
Elektroniker:in / Elektriker:in (m/w/d)
Über uns Elektro Eichler GmbH ist ein traditioneller Meisterbetrieb für Elektrotechnik in Berlin, gegründet im Jahr 1950 und wird seit 1996 von Thomas Eichler in dritter Generation geführt. Das Unte…
Gesucht - Mechatroniker im Maschinenbau (m/w/d)
Wir suchen für eine Firma in Berlin zuverlässige Mechatroniker (m/w/d) zur unbefristeten Festanstellung in Vollzeit. Es erwarten Sie anspruchsvolle Tätigkeiten und ein [[freundliches]] Team. Bewer…
Verkaufsmitarbeiter (m/w/d) eines Möbelhaus in Teilzeit
Im ([Auftrag]) eines Möbelgeschäftes im Berliner Stadtteil suchen wir, PerZukunft, aktuell nach einem fleißigen Helfer im Verkauf m/w/d im Zuge einer direkten Vermittlung! Die ausgeschriebene Positio…
Monteur Signalkomponente (m/w/d)
8 Standorte – 1 Ziel: Wir finden Deinen neuen Job. Hier ist Deine Eintrittskarte zu Deinem Traumjob als Monteur Signalkomponente (m/w/d) in einem Unternehmen in Berlin zu TOP-Konditionen. Waru…
Senior SAP GTS Consultant / Zoll und Außenhandel (m/w/d)
Du bist kreativ und neugierig und suchst eine Herausforderung? Wir suchen die besten Spezialisten mit Spaß an Innovationen und neuen Technologien. Unser Kunde ist ein SAP Platinum Partner mit …
Software Developer für KI-Projekte (m/w/d)
Deine Aufgaben Backend-Entwicklung : Konstruktion und Pflege robuster Backend-Services mit Python, Java oder anderen serverseitigen Sprachen API-Integration : Einbindung, Erstellung und Manag…
Working Student - IT (m/f/d)
Requisition Number: 75442 The company built on breakthroughs. Join us. Corning is one of the world’s leading innovators in glass, ceramic, and materials science. From the depths o…
BI / Data Analyst (m/w/d)
Was dich erwartet Als BI / Data Analyst verantwortest du unsere Modellierungs-, Governance- und Dashboard-Ebene, welche Auszahlungen, Partnerökonomie und operative Prozesse auf Basis interner Dat…