Information Security Manager (m/f/d)

Your mission

This role is about owning and driving compliance and information security across the company and product. You’ll define, document, and continuously improve policies, processes, and software requirements to meet standards like ISO 27001, GDPR, and medical device regulations (e.g., ISO 13485, IEC 62304, DiGAV). Working closely with developers, you’ll translate regulatory needs into clear technical requirements, guide implementation, and lead cross-functional projects that strengthen security, privacy, and quality while enabling the business to move fast.
The ideal candidate has hands-on ISO 27001 experience with personal compliance responsibility, strong documentation and project management skills, and is fluent in German and English—plus a passion for impact, self-improvement, and teamwork in a Berlin-based health/tech environment.
Key Responsibilities

• Define, document, and improve policies / processes / software requirements to fulfill compliance standards, especially on information security / data security / data privacy / medical requirements (ISO 27001, GDPR, ISO 13485, IEC 62304, DiGAV etc.)
• Ensure compliance and continuously improve in the team and business / development processes
• Drive technical projects involving new features for our product and business processes to ensure the success of our organisation
• Work closely with developers to translate software requirements into actionable technical requirements during implementation, and guide them during the full development process
• Stay up-to-date with industry trends and best practices related to compliance, data security, data privacy, and medical device regulations.

Your profile

Must-Haves:

• Solid experience working under an Information Security Management System under ISO 27001, with personal responsibility for regulatory compliance
• Fluency in both German and English
• Strong interest in learning to work in-depth with any regulations
• Proven experience in software companies that required to work directly with developers
• Solid experience with regularly writing extensive documentation (technical or processes or policies) for ensuring smooth workflows in organizations
• Solid project management skills, including the ability to manage multiple projects simultaneously and operate at high speed
• Strong communication and interpersonal skills

Nice-to-have Skills:

• Bonus: In-depth knowledge of GDPR, ISO 13485, IEC 62304, MDR, DiGAV and other regulations around medical devices

Why us?

• Work on something that truly creates value for people
• Make a significant impact on a platform used by millions worldwide
• Take on meaningful, exciting projects instead of routine corporate or agency work
• Help revolutionize health and education systems through technology and innovation
• Enjoy flexible working hours (core hours: 9:30–16:30 CET)
• Receive a BVG ticket to support sustainable and convenient commuting
• Access an Urban Sports Club membership for your well-being and work-life balance
• Be part of an open, supportive culture that values learning, growth, and collaboration