Information Security Officer
Apply for this position in Valencia, Spain. Full time. Posted 6 Days Ago. Job Requisition ID: JR100735.
We are the Mimacom-Flowable Group. Our digital products enable businesses to achieve faster, simpler, and more impressive results in banking, retail, manufacturing, healthcare, and other sectors. Our software solutions reach 50 million users every day.
Behind each of our products is a brilliant group of people who share the same values and work together to create innovative solutions for real problems. As part of the Information Security Team in the company, you will be the co-owner and driver of multiple security standards and frameworks, such as ISO27001, TISAX, ISAE3402, or SOC2 Type 2, and shape the IS strategy, projects, and processes.
Join our team as Information Security Officer in Valencia and let's create something great together!
What you'll be doing:
Develop and maintain a strategic, comprehensive, and pragmatic enterprise information security system compliant with ISO-27001 and ISO-9001.
Proactively improve the risk management system and business continuity management at group level and help the business units in their implementations.
Identification and management of security incidents together with IT, legal, and business departments, including not only short-term reactive and proactive measures but also strategic projects (incl. budget planning and responsibility).
Lead and enhance the security awareness program in the organization.
Support the business units in their inquiries, such as suppliers' security assessments and providing information on our security policies for customer requests or reviewing contracts and agreements from a security perspective.
Planning and realization of internal audits, as well as ensuring the smooth running of external audits to achieve certifications.
Here is an overview of the topics you will have accomplished in the first year:
After 3 months
You know the stakeholders in our organization and their role regarding information security (Legal, IT, HR, process owners, management, etc.)
You know the current implementation of ISO-27001 and 9001 in our organization and have an overview of their strengths and weaknesses.
You have a plan for improving the current Information Security system for achieving its excellence while at the same time making it easier to be followed by the different stakeholders.
You own and live the security incident process (and if there was any security incident, you coordinated its mitigation and resolution).
After 6 months
You have a defined plan to improve the security awareness in the organization through different measures (improved policies, trainings, etc.)
You have already focused on an area to be improved (e.g. risk management, BCM or supplier management) and conducted the needed enhancements.
You have been able to support the business units in their inquiries, either for their own processes or specifically answering questions coming from potential customers during an RFP.
After 12 months
You conducted internal audits as part of the continuous improvement and as preparation of the external audits.
We have defined, planned, and worked on the action plans to address findings coming from our different certification processes: ISO, SOC2, TISAX, ISAE 3402.
You have contributed and planned the roadmap 2025 and beyond with the different initiatives to keep improving our Information Security system.
What you bring:
Are you an analytical problem solver who is motivated by learning and by working on practical and strategic topics? Can you build relationships with ease, influence stakeholders, set up guidelines, and train users?
If this sounds like you, look at the role requirements below:
Experience in a similar role with information security framework and associated certification, incl. risk management, business continuity management, etc.
Experience in at least one of the IS certifications like ISO 27001, SOC2, Tisax is a must.
Experience in security incident management and process implementation.
IT security understanding and experience to power your work together with the IT department.
Good communication skills and not only experience reporting and consulting to C-levels but also influencing stakeholders in the whole organization.
Experience in ISO 9001 and GDPR experience is a plus.
English fluency is essential (at least C1 level).
What you can expect:
You will enjoy flexible working hours, training, and home-office possibilities. However, we think these are the most interesting advantages of working at Mimacom-Flowable:
Holidays & Flextime – You will enjoy 30 days of vacation. We understand that while you love your work, it's just one part of a whole person. That's why we allow you to work in a way that accommodates your lifestyle and other commitments.
Hybrid set-up – You'll have the chance to work from home and from the office in the configuration that best suits your schedule.
Power role with high visibility and influence – Your ideas and experience will help us shape our information security system and awareness in all departments.
Career growth – We are a young company where you will be given the room to develop yourself and learn new things intensively while the company grows.
Dynamic Team – You will be joining a core department within the company that prides itself on excellent team culture where you will get great results whilst having fun.
About Us
Flowable is the leading provider of open-source Intelligent Business Automation solutions that combine the power of Case, Process, and Decision support into a single platform. Used by many of the world's leading organizations like SAP, Dow Jones, and many other Fortune-500 companies to quickly build and deploy business applications that increase business efficiency, deliver outstanding customer experience, and drive operational excellence.
Founded in 2010, Flowable has offices in Switzerland, Germany, US, and Singapore. We provide innovative solutions in Intelligent Automation, Business Process Management (BPM), and Adaptive Case Management (ACM), enabling the digital transformation of business processes.
Our passion is to develop integrated, flexible, extensible, and powerful products and solutions to use across all industries.
Based on the long-term experience from both customer projects and product development in the BPM domain, Flowable provides world-class Intelligent Automation solutions with a strong emphasis on human-centric workflow. In cooperation with a worldwide network of partners, Flowable is dedicated to enable customers to organize their work through the fusion of BPM, ACM, enterprise content services, and other technologies.
#J-18808-Ljbffr