Information Security Officer

**About Us**

Hawk is the leading provider of AI-supported anti-money laundering and fraud detection technology. Banks and payment providers globally are using Hawk’s powerful combination of traditional rules and explainable AI to improve the effectiveness of their AML compliance and fraud prevention by identifying more crime while maximizing efficiency by reducing false positives. With our solution, we are playing a vital role in the global fight against Money Laundering, Fraud, or the financing of terrorism. We offer a culture of mutual trust, support and passion - while providing individuals with opportunities to grow professionally and make a difference in the world.

**YOUR MISSION**:
We seek an experienced Information Security Officer (ISO) to join our team. You mission is to protect the organization’s information assets by implementing robust security measures, managing risks, and ensuring compliance with relevant regulations. This role is pivotal in safeguarding sensitive data and maintaining the integrity, confidentiality, and availability of information systems across all our systems we operate for our clients as well as in general our parent company in Germany and our affiliates and subsidiaries in USA, UK and Singapore.

**YOUR RESPONSIBILITIES**:

- You will maintain companies existing security certifications (ISO 27001, SOC/2) and expand for the future
- You will hands-on develop, implement, and maintain the organization’s information security policies and procedures.
- You will conduct regular security audits, risk assessments, and vulnerability analyses based on your information security cadences
- You will oversee and manage security incident response, including investigation and remediation of potential security breaches.
- You will ensure compliance with industry standards, regulations, and legal requirements related to information security.
- You will educate and train staff on security awareness and best practices.
- You will monitor and analyze security systems to detect and respond to security events.
- You will collaborate with IT and other departments to integrate security measures into organizational processes.
- You will stay updated with the latest security threats, technologies, and industry trends.
- You will manage relationships with external security vendors and service providers.
- You will support the sales process in RFPs, POC and information requests from (potential) clients, insuring our prospects (most of them fully regulated financial institutions) are assured that our information security is top notch and can be trusted

**YOUR PROFILE**:

- Bachelor's degree in Information Security, Computer Science, or a related field.
- At least 3 years of experience in information security or a related role. Previous work experience in the financial industry, either for a regulated institution or a service provider to regulated institutions is a plus.
- Good, practical skills for risk management and risk mitigation Familiarity with regulatory requirements such as ISO 27001, ISO 22301, BSI-KritisV and SOC2 as well MaRisk, BAIT and ZAIT as well as DORA is required
- Methodical and structured in your approach to create, track and maintain cadences Strong knowledge of information security principles, standards, and best practices.
- Experience with security technologies such as firewalls, intrusion detection/prevention systems, and encryption is required. Experience with AWS is desirable
- A ISO 27001 Lead Implementer certification is required, certifications such as CISSP, CISM, or CEH are highly desirable.
- Excellent analytical, problem-solving, and decision-making skills.
- Strong communication and interpersonal skills.
- Ability to work independently and as part of a team.