Head of Information Security

Summary

Join Beekeeper as the Head of Information Security and lead the company's security efforts. Reporting to the General Counsel, you will manage a team, develop a strategic security vision, implement security controls, and represent Beekeeper's security practices externally. Responsibilities include managing risk, ensuring compliance with regulations, handling incidents, and fostering a strong security culture. The ideal candidate possesses a relevant university degree, 5+ years of experience in information security, strong communication and people management skills, and relevant certifications. Beekeeper offers a competitive salary and benefits package, including health care, various allowances, and professional development opportunities.

Requirements

• University Education degree in a relevant field
• 5+ years of information security experience with demonstrated knowledge of information security management and governance, risk assessment and management, and audit
• Experience managing a team
• Excellent verbal and written communication skills in English
• Ability to present complex technical issues in a succinct and easily understandable way to a variety of internal and external audiences, including senior management
• Strong people management skills, especially in a matrix environment managing cross-functional teams and programs
• Outstanding organizational and planning skills, ability to cope with high volumes of work and tight deadlines
• Ability to switch between strategic thinking to practical implementation, not afraid to roll up sleeves and get stuck in, whilst also keeping the strategic perspective at all times
• Practical experience with common information security management frameworks, in particular ISO 27001
• Industry-recognised information security certifications (e.g. Certified Information Security Professional/CISSP, Certified Information Security Manager/CISM, Certified Information Security Auditor/CISA)
• In-depth knowledge of current and emerging data protection regulations in our core markets (GDPR, CCPA, HIIPA, Swiss Federal Act on Data Protection etc.)
• Flexibility to travel

Responsibilities

• Develop a strategic vision for the company security program, demonstrating how it will support Beekeeper in achieving its overall strategic objectives
• Create an annual security plan to track progress and address priorities effectively, always keeping in mind emerging trends and current threat landscape
• Manage, maintain and document the security controls and processes, and implement appropriate Key Performance Indicators (KPIs) to measure and report their effectiveness
• Areas of focus will include secure software development, identity and access management, vulnerability management, logging and monitoring, and incident response
• Effectively present and articulate our security practices, certifications, and compliance measures during sales processes, customer meetings, and external engagements to build trust and confidence
• Establish and implement a comprehensive Enterprise Risk Management framework and further develop our risk inventory
• Design and implement a framework that ensures appropriate decision rights, balancing the sometimes diverging expectations of the stakeholders, including prospects, customers, regulators, auditors and senior management
• Prepare and maintain relevant certifications and organizational readiness, as well as managing external relationships with the relevant regulator and accreditation organizations
• Help build organizational resilience through robust business continuity/disaster recovery planning and management
• Keep up to date with current and impending industry security standards and certifications
• Establish and refine security and privacy incident detection, response, and reporting processes to minimize impact and resolution time
• Lead and project manage various security, privacy, and other GRC initiatives alongside colleagues from multiple departments
• Cultivate an environment where decision-makers and stakeholders understand and care about information security and consider security implications in their decision-making, and where every individual understands their role and responsibilities in relation to security
• Strengthen and standardize security assessments and privacy requirements for our vendors and third-party providers

Preferred Qualifications

Working experience in a technology or SaaS company

Benefits

• Competitive salary
• Phone & Home Internet costs reimbursement up to 80 PLN/month
• Home office set-up reimbursement up to 1000 PLN
• Private health care package: Prestige cover with Luxmed (employee contributes 1 PLN/month)
• Multisport Benefit card (employee contributes 1 PLN/month)
• Creative Allowance – paid as 1000 PLN gross/month
• Personal Learning & Development Budget of 1500 USD/year
• Sabbatical Program – 1 month paid leave at 3, 5, 10 year tenure
• 26 days of annual leave/year
• 2 Mental Health days off per year
• Beekeeper Stock options