Overview

Head of Information Security Jobs in Spain at Jimdo

Title: Head of Information Security

Company: Jimdo

Location: Spain

About Jimdo

Join us to help unleash the power of the self-employed and help them thrive!

Jimdo was founded by three school friends in 2007 in a farmhouse in Northern Germany. Fast forward to today, we’re a growing, profitable business with a team of 250+ people from 50 nationalities based in over 15 countries. Our portfolio serves the unique needs of microbusinesses. In addition to our GDPR-compliant website builder powered by AI, we offer an online store, logo creator, legal text generator, business listings, social media integration, SEO, and more. We recently launched Business Builder. This is a new all-in-one solution – the first of its kind in Germany – that enables people at the start of their self-employment journey to get from idea to success faster and easier. And there’s a lot more coming! We’re constantly developing new products and services that make the lives of micro-business owners easier and help fuel their businesses. If you’re inspired by our mission and like the idea of working for a dynamic remote-first company where you can create impact from day 1, we’d love to meet you!

Role Overview:

As the Head of Information Security at Jimdo, you will play a crucial role in safeguarding our products, assets and infrastructure. Leading a small team, you will be responsible for developing and implementing a robust information security strategy, ensuring compliance with regulations, and managing incident responses. If you are a seasoned security professional with a strong technical background and leadership skills, we invite you to join our innovative team in shaping the future of Jimdo.

What you’ll be doing:

Lead and manage the information security team, fostering collaboration and continuous improvement. Develop department KPIs and goals.

Develop, maintain, and review an information security architecture that aligns with Jimdo’s overall strategies and goals, while also protecting its digital assets.

Conduct risk assessments and develop risk management strategies.

Create, update, and maintain security policies, procedures, and guidelines in compliance with EU regulations and standards, including GDPR and the NIS-2 Directive. Work closely on this with the Legal & Data Protection team.

Detect and respond to company-wide security incidents, coordinating cross-functional teams to mitigate and eradicate threats.

Educate the company on security issues, and foster a culture of security awareness and individual responsibility.

Ensure the technology organization runs an SSDLC.

Conduct Vendor Security Risk Assessments to ensure that their systems or services comply with our security standards.

Liaise with Executives, senior leadership and other stakeholders, reporting regularly on established metrics within the security program, the risk landscape and the effectiveness of security policies.

Plan and allocate budget resources for the information security program.

What you bring to the table:

Degree in a relevant field.

Relevant professional certifications such as CISSP, CRISC, CISM, ITIL, CISA, or similar.

Minimum 8 years of relevant experience, with at least 3 years in a leadership role.

Strong technical depth, with recent hands-on experience designing information security architecture in a high-growth scale-up technology company.

Strong crisis management skills.

Excellent communication skills and stakeholder engagement.

Familiarity with security frameworks such as NIS…
