We are blau direkt
Infrastructure service provider for brokerage companies in the insurance industry. Our business is to provide infrastructure services to insurance brokers. We manage data, documents, claims, and most importantly: communication! blau direkt facilitates the work of over 1,400 insurance brokers and distributors.
As a technology market leader, we offer brokerage companies in the insurance industry the most modern infrastructure services and a tried and tested touchpoint management system, which fundamentally sets us apart from other broker pools in Germany.
We are just opening a new R&D center, where we build engineering teams to support the most crucial blau direkt products.
Insurance and finance are dull? Not with blau direkt!
We have made it our task to digitize and simplify the originally very paper-heavy and
time-consuming work of our partners with the help of our solutions. Together as a team, we are driving new standards in the industry.
Are you thinking about choosing a form of employment? Various options are possible with us, let’s talk about it in the recruitment process! Talk to us and be a part of this experience from the beginning, which gives you the unique opportunity to really make an impact on how we do things.
Qualifications:
- At least 5 years of hands-on experience in security management and 8 years in the IT field.
- Strong knowledge of security principles, practices especially ISO27001, and technologies.
- Analytical and problem-solving skills with a keen attention to detail.
- Demonstrated understanding of IT Security domains: security and risk management, asset security, security architecture and engineering, communications and network security, identity and access management, security assessment, and testing
- Proficiency in risk management, incident response, and security compliance.
NICE TO HAVE:
- Fluency in German will be an advantage
- professional certifications (e.g., CISSP, CISM)
YOUR RESPONSIBILITIES:
- Develop and implement a comprehensive security strategy including security systems and the definition of a security goal.
- Align the security strategy with the company’s business goals and regulatory requirements.
- Identification, analysis, and evaluation of all security-relevant processes.
- Conduct regular risk assessments to identify potential security threats and vulnerabilities.
- Setting up a targeted concept to close security gaps including corresponding risk minimization
- Oversee the daily operations of the security field, including incident response, investigations, and compliance monitoring.
- Planning and obtaining offers for various measures such as penetration tests, tabletop exercises, DFIR, load testing
- Develop and maintain security policies, standards, and guidelines – ensure the organization complies with relevant laws, regulations, and industry standards related to security.
- Communicate security policies and procedures to employees and other stakeholders
AGILE WORKFLOW
- Scrum + elements of eXtreme Programming
TOOLS
- Jira, Confluence, AHA!, Slack, G Suite/Google workspace
QUALITY ASSURANCE
- Test manager
- Cross-functional teams QAs on the board
- Test automation / Python
BENEFITS AND PERKS
- Private healthcare
- Cafeteria system & Sport Card
- Referral Bonus
- Startup atmosphere
- No dress code
- Flexible hours
- Flexible working format – remote or hybrid
- Modern office, Chillout zone, Standing desk, parking for bicycles, and a cloakroom with showers
- Regular office lunches and integration meetings
- Some international travels included
THIS IS WHAT WE OFFER YOU
Freedom for innovation: Your voice is heard! Develop innovative ideas suitable for everyday use with us and actively participate in their implementation.
Freedom: We enjoy flat hierarchies, a collegial and friendly environment with a direct approach culture.
Loyalty: Family First! We help you achieve the compatibility of family and work.
Security: a secure and permanent position
Advantages: Employee benefits and flexible working time models
Python Incident response extreme-programming google-workspace Confluence Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) automated testing Cyber Security Manager Test Management Jira risk management penetration-testing Scrum Slack