Digistore24 USA

Compensation

Full Description

Job Description: • Protect our systems and cloud environments: You continuously analyze security risks, implement modern security standards, and ensure the protection of our cloud infrastructure and critical enterprise systems • Define clear security policies and processes: You further develop our security policies, standardize security processes, and ensure their application across the organization • Drive security awareness and training: You raise security awareness through training, workshops, and proactive communication with all teams • Maintain structured incident and risk management: You detect security incidents early, coordinate their handling, produce analyses, and continuously improve our incident response procedures • Ensure compliance (PCI, ISO, NIS2): You support the company in meeting external standards, prepare audits, and guide departments through compliance requirements • Monitor our core security mechanisms: You analyze security-critical components, support our monitoring and audit processes, and provide transparency on security-relevant events • Collaborate closely with product, IT, and engineering teams: You assist other teams in designing secure solutions, reduce risks, simplify security processes, and contribute to a secure, scalable overall architecture • Ensure a secure software development process: You expand our secure software development lifecycle (SSDLC), advise teams on security-related issues, and ensure that security reviews are a reliable part of our processes. Requirements: • You identify security risks early and think proactively in terms of solutions • You have an excellent understanding of how software, infrastructure, and cloud systems interact • Assessing the security of systems, services, and processes is your passion • Nice-to-have: Experience with compliance standards such as ISO 27001, PCI DSS, or NIS2 • Nice-to-have: Experience with security testing (e.g., SAST, DAST, vulnerability scans) • Understanding of secure development and infrastructure processes (SSDLC, cloud security, IAM, risk management) • Analytical thinking when evaluating security incidents and vulnerabilities • Strong communication skills – able to explain technical risks clearly • Basic knowledge of cloud environments (GCP/AWS) and automated workflows (e.g., CI/CD) • Nice-to-have: Familiarity with security tools & standards such as SIEM, SSO/MFA, audits, policies Benefits: • 100% remote work, provided you can ensure a stable internet connection • The stability of an extremely successful German high-tech company that has retained its start-up spirit over the years • Regular on-the-job training and professional development • International team with strong camaraderie • Regular team events in various European countries • State-of-the-art technical equipment • Responsibility from day one • Work in a team with informal address (du), no dress code, and a culture of mutual respect