Our story: Every year millions of people are either filing their taxes in fear or giving up on their tax refund altogether. We're working on fixing that. Our intuitive app enables anyone, regardless of education or background, to file their taxes with newfound confidence. Spread across Germany, Spain and the UK, the team at Taxfix Group with its brands Taxfix, Steuerbot and TaxScouts, is a compassionate group of solution-finders. We speak our minds openly, and with over 400 professionals, including tax experts, developers, and IT security experts, we're rich in ideas and voices. The group has facilitated more than 3.5 billion euros in tax refunds for its customers since its founding in 2016. Your challenge: As our Information Security Officier within the Corporate IT team, you'll have the freedom to work from home or our modern office in Berlin within our hybrid work model. You'll be responsible for all of Taxfix's information security needs. Reporting to our Head of IT and collaborating with our Corporate IT, Legal, and Risk teams, you'll develop and implement comprehensive security policies and ensure compliance with industry-standard frameworks. Your responsibilities: Develop and implement comprehensive information security policies and procedures. Conduct regular security audits and risk assessments to ensure compliance with industry standards. Lead incident response and management efforts, ensuring swift and effective handling of security breaches impacting corporate IT operations. Continuously monitor, evaluate, and enhance security controls to adapt to evolving cyber threats and technological changes. Provide expert guidance on information security matters to all departments within Taxfix. Your profile: Bachelor's degree in Computer Science, Information Security, a related field or relevant experience. Proven experience in developing information security concepts and conducting risk analyses. Strong knowledge of relevant standards such as ISO 27001, GDPR, and other EU-specific regulations. Experience with SaaS security principles and best practices (e.g., GCP, Notion, SimpleMDM, Okta) Experience with Information Security Management System (ISMS) implementation and maintenance. Fluency in German and English, both written and spoken. Experience working in agile environments and familiarity with modern IT security approaches like zero trust. Professional certifications such as CISSP, CISM, ISO 27001, CISA are preferred, with first hand experience with corporate IT environments being advantageous. Why Taxfix? A chance to do meaningful, people-centric work with an international team of passionate professionals. Holistic well-being with free mental health coaching sessions and yoga. A monthly allowance to spend on an extensive range of services that you can use and roll over as flexibly as you like. Employee stock options for all employees—because everyone deserves to benefit from the success they help to create. 30 annual vacation days and flexible working hours. A generous learning budget to support your personal and professional development and guidance from our internal L&D experts. Work from abroad for up to six weeks every year. Just align with your team, and then enjoy your trip. Plenty of opportunities to socialise as a team. In addition to internal (tech) meetups, our international team hosts regular get-togethers—virtually and in person when possible. Free tax declaration filing, of course, through the Taxfix app—and internal support for all personal tax-related questions. Have a four-legged friend in your life? We’re happy to have dogs join us in the office. Excited? So are we. Learn more about Team Taxfix on our blog and get a glimpse of our culture. At Taxfix, we believe that incredible things happen when you have a wealth of perspectives and experiences. We're proudly committed to equal employment and development opportunities no matter your gender, race, religion, age, sexual orientation, colour, disability, or place of origin. To help mitigate any potential unconscious biases, we ask that you refrain from including your picture, age, or marital status on your CV. Let your experiences speak for themselves. Not sure if you meet all the requirements for this role? Please apply anyway. You might bring something special to the team that we hadn't considered previously.