Information Security Specialist – Germany Department: Security Lab Location: Hannover, Germany Home Job description details Intro Hornetsecurity keeps businesses around the world safe — and now we’re looking for someone in Hannover (List) who’s just as passionate about security as we are. As an Information Security Specialist (m/f/d), you’ll design, build, and strengthen the defenses that thousands of organizations rely on every day. Ready to take on meaningful challenges in a team that moves fast and builds smart? Let’s go. Your Job You lead security projects: Own end-to-end delivery of security initiatives: from scoping and risk assessment to rollout and sign-off. Embed security requirements in product/IT projects (design reviews, threat modeling, test plans). Keep stakeholders aligned and the backlog moving — timelines, deliverables, budgets, and RAID logs. You run technical audits: Plan and execute technical security audits across network, endpoint, application, and cloud environments. Coordinate and/or perform vulnerability assessments and penetration tests (internal & third-party). Produce clear findings, prioritized remediation plans, and track closure to completion. You support SecOps: Partner with SOC: review SIEM alerts, refine detections and use cases, and assist with playbooks. Support incident response: triage → investigate → contain → eradicate → lessons learned. Strengthen operational hygiene: hardening, access governance, logging, and patch cadence. You keep us compliant & aware: Contribute to ISO 27001 controls and readiness (policy updates, SoA evidence, internal audits). Support GDPR compliance (privacy by design, DPIAs, data minimization, breach procedures). Promote “secure by default” habits through training and enablement sessions. Your Profile You hold a Master’s degree or engineering diploma in IT, computer science, or cybersecurity. You bring around 3 years of relevant professional experience. Must-Have Skills & Qualifications: First experience auditing technical systems (configuration, architecture, etc.). Hands-on experience with audit tooling and translating results into actionable engineering tasks. Understanding of common technologies and architectures used in business environments. Strong technical writing ability and skill in explaining complex topics simply. Comfortable running risk assessments and translating policy/control language into practical steps. Clear communicator able to brief executives and coach engineers. Strong documentation skills. Strong command of written and spoken English and German/French (additional languages are a plus). Proactive and solution-oriented mindset. Nice-to-Have Skills: ISO 27001 Lead Auditor / Implementer. CISSP / CISM. OSCP. PMP / Prince2. Familiarity with NIST / CIS control frameworks. Technology / Tools Knowledge: Security standards (ISO 27001, NIST CSF, CIS Controls, OWASP Top 10 / ASVS, GDPR) and DevSecOps/Agile methodologies. SIEM/SOAR (e.g., Sentinel, Splunk), EDR/XDR, vulnerability management (Qualys/Nessus), SAST/DAST. Cloud security (Azure/AWS/GCP), containers/Kubernetes, identity systems (SSO/MFA/FIDO2), modern authentication patterns. GRC tool management and automation. ITIL V4 (Foundation). Your Benefits Be part of a growing global company in one of the most dynamic industries — cybersecurity. Short decision paths and flat hierarchies in an open working atmosphere. Personal and professional development opportunities. Unlimited contracts — we’re looking for hornets to grow long-term with us. Temporary Employee Exchange Program — opportunity to work at global office locations (e.g. Malta, Madrid, Montréal, Washington D.C.). Home-office option (hybrid) and flexible, trust-based working time. Team events like Laser Tag, Escape Rooms, or nights out together. Be-Active Bonus — allowance for fitness and sports club memberships. Referral Bonus — 1500€ for each successful referral. Your application form Julia Klein (Team Lead Recruiting) and our Recruiting Team are excited to get to know you! Simply apply proactively and convince us of your abilities! You can send your application to job@hornetsecurity.com. If you have any further questions, please do not hesitate to write us via WhatsApp on +49 511 515 464-99. About Hornetsecurity Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 120 countries through its international distribution network of 12,000+ channel partners and MSPs. Its premium services are used by more than 125,000 customers. #J-18808-Ljbffr