Information Security Manager (all genders)

At Acrolinx we envision a world connected by amazing content. Our AI-powered content governance software captures and digitizes your style guide to make your writing standards, standard.

Born out of the German Research Center for Artificial Intelligence (DFKI) we’ve been doing content governance decades before it was trendy. Today, governance is a critical part of every enterprise content supply chain. Think of it as a content insurance policy that perfectly balances writer creativity and productivity with the benefits of governance guardrails.

Our customers enjoy massive efficiency gains without sacrificing standards through AI-powered writing assistance, automated reviews and quality gates, and analytics comparing content quality with performance.

You'll be an important member of the Information Security team, performing a number of key tasks including customer-facing interactions, managing our InfoSec knowledgebase, maintaining close communication with internal stakeholders for knowledge sharing, and collaborating with our technical teams on risk and compliance matters. As part of the Information Security Team, you'll work closely with experienced colleagues to maintain and improve our high governance & risk standards and to support our ISO 27001/27701 compliance. If that sounds like you, we'd love to have you join us!

Candidates should be based in Berlin, Germany and willing to participate in hybrid work in the HQ office of Acrolinx. The office and company language is English; knowledge of German is not required but is a plus.

Your Team 

You'll join an international team of friendly, dynamic people who are passionate about their jobs.

You can expect: 

• A flat, informal hierarchy and quick decision-making processes.
• Support in getting up to speed from experienced colleagues.
• Teammates of all ages and backgrounds.
• We strongly encourage diversity in our team and share a respectful and open mindset.
• Work in a professional and respectful environment.
• To work for a company working on leading-edge AI technologies delivered in the cloud.

Your tasks

• You will be one of our central contacts for information security.
• Function as an information security interface between internal leads and our customers.
• Provide responses to new and existing customer security questions and reviews while making use of technologies for improved efficiency (e.g. genAI).
• Support the management of a companywide security knowledgebase and help us to improve our internal collaboration.
• Author, review, and update guidelines, policies, and general documentation.
• Regularly engage with internal stakeholders to perform information gathering and knowledge sharing.
• Work closely with our technology teams (IT, SRE, R&D, etc.) to establish and optimize internal processes in the context of information security.
• Collaborate in updating, coordinating, and monitoring our security strategy.
• Support our continuous compliance initiatives, monitoring, audits, and reviews, including those for our ISO 27001/27701 certifications.
• Preparation and participation in audits and customer-driven security checks.
• Coordination of activities to resolve potential security incidents (Security Incident Management).
• Design, document, assist, and accompany the implementation of security policies, guidelines, regulations, processes, and procedures.
• Plan, implement, and organize security awareness programs and campaigns for the entire staff, including phishing simulations.
• Support strategic and technical initiatives, perform operational risk assessments, and manage risk acceptance activities.
• Develop annual risk posture, remediation recommendation report, and completion verification reviews of security projects and initiatives.

Your Profile

• Several years of professional experience in the IT or cybersecurity environment - especially in the areas of cyber defense, incident response, security analysis, or vulnerability management.
• Understanding of, and ability to explain information security concepts, such as access control, encryption, authentication, penetration testing, vulnerability management, etc.
• General knowledge of different IT security solutions (e.g., SIEM, endpoint security, firewalls) or the protection of operating systems.
• Demonstrated ability to interview stakeholders in different disciplines and distill critical concepts and information pertaining to information security.
• Basic project management skills to plan out tasks, understand dependencies, and manage timelines.
• Independent, analytical, methodical, proactive approach.
• Exceptional written, verbal, and interpersonal communication skills.
• Proven ability to confidently convey technical information to a non-technical audience.
• Focused mindset on continuous improvement and proactively identify, review, and implement process improvements.
• Strong understanding of how security issues and initiatives can affect organizations positively and negatively.
• Certification in a related field, highly valuable: CISSP, CISA, CISM, CCSP, CRISC, etc.
• Proficient in English (German a plus).