Help build a more sustainable and healthier world. We provide you with the autonomy and support to make it happen.
We are a team of innovators from around the world, united by curiosity and the drive to create a better future.
Chief Information Security Officer (f/m/d)
Location
Hybrid (Germany/Texas)
Employment Type
Full time
Department
Central Operations
Compensation
Transparent pay band with range. Stock options available through ESOP.
Your Role
You will own Orbem’s Information Security function end-to-end at a pivotal moment.
Orbem achieved ISO 27001 certification in December 2025. We are now entering an active stabilization phase: controls are established, our external provider stack is being restructured, and a re-audit sits on the horizon. You will inherit this reality — and the authority to shape it.
This is a role for a hands‑on, senior security practitioner who wants to shape a security function, not just run one — someone who thrives in ambiguity, makes high‑stakes strategic calls with incomplete information, and can do the operational work themselves while orchestrating a deliberate external provider stack. Although we are looking for a strategist, you will also be required to support day‑to‑day security operations.
Your Day‑to‑Day
* Lead our approach to the upcoming ISO 27001 re‑audit. Assess the situation, make the strategic recommendation, and own the execution.
* Set and maintain Orbem’s information security strategy aligned with our stage, customers, and risk appetite.
* Own the information security risk register end‑to‑end: build, maintain, and run the risk review with leadership peers.
* Represent Orbem externally with auditors, enterprise customer security teams, and regulators in the CISO capacity.
* Advise the leadership team on information security risk in product, go‑to‑market, and expansion decisions.
* Own and continuously improve key operational security processes for vendors, suppliers, and internal workflows.
* Bring policies and controls to life by prioritising material controls and operationalising them.
* Own the ISMS governance structure: control reviews, evidence collection, management reviews, and internal audits.
* Lead incident response as incident commander for security‑relevant events.
* Author clear policies and communications that drive security culture.
How You Fit In
This is an individual‑contributor role at principal level. Your influence is lateral, not hierarchical. You will work alongside the General Counsel, the Corporate Operations lead, the Procurement & Supply Chain lead, and the Security Engineering team. You will interact with the full executive team on security‑relevant decisions.
Your Experience and Skills
* Scale‑up security leadership experience: #1 or #2 information security compliance person at a 150–600 FTE company.
* ISO 27001 lived experience: personally guided a company through an ISO 27001 cycle.
* Hands‑on operator: set up and run security processes and controls.
* Comfort working with a small team; motivated by execution rather than team building.
* Resilience: make hard, sometimes unpopular, decisions under time pressure and own business outcomes.
* Communication: translate risk into business and technical decisions, write and speak clearly.
What Makes You Stand Out
* Experience navigating an ISO 27001 re‑audit.
* Familiarity with EU frameworks (GDPR, NIS2, EU AI Act) and US frameworks (SOC 2).
* Deep‑tech, AI/ML, or industrial product context.
* Experience evaluating external security and compliance service providers.
* Comfort with an AI‑first approach and governance of AI usage internally.
Fit to Our Values
* We Own Every Challenge: thrive under uncertainty.
* We Strive for Better: embrace growth and challenge the status quo.
* We Imagine New Frontiers: think beyond “doable” and design sustainable futures.
What We Offer
* Transparent salary with a defined range.
* Stock options through our ESOP.
* Relocation support to Germany.
* Annual learning & development budget (€1,750).
* Fitness membership (Urban Sports Club or Wellpass).
* Childcare reimbursement.
* Deutschland Ticket (public transport coverage).
* Hybrid work model: flexible hours and home office. Work‑from‑anywhere up to 60 days per year.
* Paid leave: 30 days plus additional personal leave.
At Orbem, we’re committed to building a smart, diverse team and welcome applicants who might not meet every requirement but have the potential to thrive here.