Director of IT Security

About the role

We are seeking a dedicated IT Security Manager to lead Raisin's internal security teams. You will act as a critical internal sparring partner for Business, IT, and the 2nd Line of Defense, taking absolute lead in coordinating our technical security implementation and ensuring our internal operations are resilient, compliant with regulations like DORA, and seamlessly executed by your teams.

What you'll do

• Take ownership of our internal security operations. Lead, mentor, and steer our internal security experts in a results-oriented manner, ensuring the continuity and excellence of daily security operations.
• Act as the central, consultative liaison across the company. Lead cross-departmental coordination of security topics, define clear security requirements for our Infrastructure and engineering teams, and develop pragmatic, scalable solutions.
• Oversee the technical execution performed by your teams. Actively participate in incident analysis, threat mitigation, and ensure robust monitoring is in place.
• Serve as the central point of contact for the "2nd Line of Defense" (CISO). Ensure that our operational reality and technical controls align with overarching IT Governance, risk frameworks, and regulatory requirements like DORA.
• Drive and contribute to broader projects related to security across the IT landscape.
• Leverage your deep understanding of AWS Cloud Infrastructure and the AWS Shared Responsibility Model to guide your teams in maintaining a secure, robust, and compliant cloud environment.
• Pragmatically manage relationships with third-party security vendors to ensure strict SLA adherence, cost-effectiveness, and strong ROI for our security stack.

What you'll need

• 10+ years of overall experience within the Cybersecurity or Information Security space, combined with at least 3+ years of proven experience working directly as an IT Security Manager or in a similar leadership capacity.
• Broad experience across domains such as IT Governance/GRC, ISMS, ISO 27001, BCM, NIS 2, DORA, Vulnerability Management, SOC/SIEM, IAM/PAM, Penetration Testing, Network Security, or DevSecOps.
• Comprehensive overview and fundamental understanding of security technologies, industry standards, and their potential business impact.
• Proven track record in leading, structuring, and motivating internal technical teams in a fast-paced, mission-critical IT environment.
• Really good understanding and practical working knowledge of AWS Cloud Infrastructure, including a firm grasp of the cloud Shared Responsibility Model.
• Basic knowledge of IT Service Management (ITSM, ITIL) and solid technical understanding of the security domain.
• Strong sense of responsibility, flexibility, solution-oriented approach, analytical mindset, and collaborative work style.
• Excellent proficiency in spoken and written English.

Nice to have

• Fluent German.

What they offer

• Employee Development Budget of €2,000 and four full training days per year.
• Flexible working hours, home office and 30 vacation days.
• Company pension scheme (Betriebliche Altersvorsorge) supported with 20%.
• Urban Sports Club membership subsidized with €20+ per month.
• Deutschland Ticket subsidized with €25 per month.
• Relocation support available.