- Company Name: DeepL
- Job Title: Head of Security
- Job Description:
**Job Title**
Head of Security
**Role Summary**
Strategic leader responsible for defining and executing the organization’s information and IT security strategy, ensuring confidentiality, integrity, and availability of data, and aligning security initiatives with business objectives and regulatory requirements.
**Expectations**
- Provide executive security leadership and board‑level reporting.
- Build and scale security teams in line with company growth.
- Drive a strong security culture across all functions.
- Maintain compliance with global standards and support high‑stakes customer engagements.
**Key Responsibilities**
- Own and continuously improve the enterprise security framework (infrastructure, application, organizational, and data governance).
- Lead compliance programs (SOC 2, ISO 27001, BSI C5, GDPR) and manage risk assessments, third‑party risk, and internal audits.
- Oversee security architecture for cloud, on‑premises, SaaS, and endpoint environments; ensure proactive threat monitoring, vulnerability management, hardening, and incident response.
- Embed security‑by‑design into product development and infrastructure engineering processes.
- Partner with Infrastructure, Product, Legal, Sales, People, and other leaders to integrate security into all business processes.
- Conduct security awareness training and communicate metrics and incidents transparently.
- Represent the company in customer, partner, auditor, and regulator security discussions; support sales in enterprise deals.
**Required Skills**
- 5+ years of progressive experience in information security, including senior leadership (Head of Security, CISO, or equivalent).
- Proven track record building and scaling security teams in SaaS/AI or technology environments.
- Deep technical expertise in network, cloud, endpoint, identity management, and incident response.
- Strong knowledge of international and EU compliance frameworks (ISO 27001, GDPR, SOC 2, BSI C5).
- Experience with IPO readiness, SOX compliance, and board‑level reporting.
- Strategic mindset combined with hands‑on execution ability.
- Excellent communication and stakeholder‑management skills; ability to translate technical concepts for business audiences.
- Fluency in English (German proficiency preferred).
**Required Education & Certifications**
- Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent practical experience).
- Relevant security certifications such as CISSP, CISM, CISA, ISO 27001 Lead Implementer, or comparable credentials.