Information Security Officer

Hi
We are Billie, the leading provider of “Buy Now, Pay Later” (BNPL) payment methods for businesses, offering B2B companies innovative digital payment services and modern checkout solutions. We are to create a new standard for business purchasing and have made it our mission to simplify the purchasing experience for all businesses making it a tool for growth. We strive to offer all business buyers an effortless process and their preferred payment method, wherever they shop.

To do so, our solutions are based on proprietary, machine-learning-supported risk models, fully digitised processes and a highly scalable tech platform. This makes us a deep-tech company building financial products, not the other way around. We love building simple and elegant solutions and we strive for automation and scalability. Our vision to create an equal opportunity for all businesses to buy, sell, and thrive on their own terms has attracted exciting strategic partners and highly experienced investors.

This made us join forces with Klarna and secure an outstanding $100 million Series C funding round nearly quadrupling our previous valuation. Our investors include VCs such as Dawn Capital, Creandum, Picus and SpeedInvest.

Join us to create the future of B2B payments

**About the role**:
Billie is a fast-growing Berlin-based start-up that provides innovative fintech solutions for small and medium-sized enterprises (SMEs). Our mission is to empower SMEs by simplifying and democratizing access to financial services, and we are seeking a talented and experienced Information Security Officer to join our team and lead our information security efforts.
You will shape and manage our Information Security Management System and be an integral part of the Legal & Compliance team at Billie to foster Billie's compliance with applicable regulatory requirements in the area of Information Security. You will play a pivotal role in ensuring Billie’s compliance with the regulatory requirements with regards to risk management (MaRisk), supervisory requirements for IT in Financial Institutions (BAIT), and supervisory requirements for IT in Payment Service Providers and E-Money Institutes (ZAIT). You will take Information Security Management at Billie to the next level and closely cooperate with the CTO as well as the Senior Management Team. The role includes the following tasks:

- Taking over responsibility as the Information Security Officer of Billie and ensuring Billie's compliance with applicable regulations and standards.
- Implementation, development, review and regular assessment for compliance and effectiveness of the Information Security Management System (ISMS) in compliance with the applicable regulatory requirements as well as market demands (including an information security strategy, roadmap, related policies, procedures, guidelines, and controls).
- Maintain an up-to-date and comprehensive knowledge of Billie's products, services, policies, procedures, philosophy, and organizational structure as well as IT infrastructure and utilized IT systems.
- Create goal-oriented solutions with regard to existing information security targets.
- Assessing and monitoring Information Security Risks throughout Billie (regularly and on an ad-hoc basis) and recommending safeguards designed to keep information security risks at acceptable levels.
- Analyzing the protection requirements of IT systems utilised by Billie and maintaining, monitoring and regularly reviewing Billie’s Information Asset Register.
- Preparation as well as coordination of information security-related audits (i.e. serving as the main IT contact person for regulatory exams; documentation and leading efforts to remediate IT-related findings within appropriate timeframes).
- Supporting as well as improving existing ISMS processes such as: access control, security alerts, technical vulnerability assessment, outsourcing assessments, vendor assessments etc.
- First point of contact and escalation point for the whole company as well as third parties with regard to information security related questions, issues and incidents.
- Investigation and Reporting of Information security incidents as well as ensuring that appropriate processes for reporting, managing, analyzing, and escalating Information Security Incidents are in place.
- Ensure Information Security related controls remain effective and efficient.
- Preparation of regular reports on compliance with Billie’s information security to the Management Board (including KPIs, measures, projects and initiatives).
- Providing documentation and information about Information Security related topics to Billie's employees to raise and uphold awareness of the importance of Information Security.
- Preparation and performance of internal training, presentations and workshops on Information Security.
- Supporting the preparation and updating of the contingency plan with regard to information security issues.

**Wo we are looking for**