Startup Jobs
Post a Job
Babbel

Director of Information Security & Internal IT (all genders)

Berlin , Germany

AI overview

Drive robust information security strategies and internal IT leadership to protect data and enhance workplace productivity with cutting-edge technology solutions.

We are looking for a Director of Information Security & Internal IT (full-time) to join our team in Berlin. 

As Director of Information Security & Internal IT, you will be responsible for defining, executing and maintaining the vision, strategy, and program to ensure Babbel's information assets, technologies, and customer data remain protected, and empower our global workforce with best-in-class IT workplace solutions. You will lead company-wide cybersecurity efforts, ensure compliance with financial industry regulations, and embed a strong security culture across the organization. You will lead our Internal IT operations — from infrastructure, identity management and enterprise application portfolio to service desk and vendor partnerships. This role requires a strategic, yet pragmatic thinker with strong lateral leadership capabilities and deep knowledge of information security frameworks and regulations, as well as hands-on technical knowledge in implementation details. Partnering closely with Engineering, Data, Product, People & Organization, and Finance, Legal you’ll ensure Babbel scales securely and efficiently.

You will:

  • Information Security Strategy & Governance:
    • Evolve and execute the enterprise-wide information security initiatives roadmap aligned with Babbel’s business objectives.
    • Maintain security policies, standards, and guidelines in compliance with business and regulatory needs (e.g,. PCI-DSS, GDPR, CCPA).
    • Develop and maintain a minimal and pragmatic Information Security Management System (ISMS).
    • Own security posture across infrastructure, applications, and third-party integrations within our SaaS environment (AWS, Azure, etc.)
  • Risk Management & Compliance:
    • Lead risk assessments, vulnerability management, and third-party security reviews.
    • Coordinate internal and external audits; drive remediation of findings.
  • Incident Response & Resilience:
    • Own the Security Incident Response Plan; chair the Incident Response Team.
    • Conduct incident exercises (fire-drills) and post-mortems to strengthen detection, prevention, mitigation and recovery.
  • Internal IT Leadership:
    • Own Enterprise Application portfolio: Elevate workforce and workplace productivity a collaboration, communication and AI-augmentation strategy.
    • Oversee workplace IT service delivery: service desk, endpoint management, unified communications, and collaboration tools.
    • Drive AI productivity enhancements: Evaluate, track and drive adoption of AI productivity enhancements in high potential use cases across all teams.
  • Secure Identity & Access Management:
    • Architect and scale authentication & authorization solutions (i.e. SSO/MFA), role-based access controls, and privileged access management through automation and self-service.
    • Establish metrics and KPIs to monitor the effectiveness of security programs and continuously improve them
  • Infrastructure & Cloud Security:
    • Partner with our Platform Engineering teams to enforce secure configurations, network segmentation, and zero-trust principles across Hyperscalers.
  • Team Development & Collaboration:
    • Lead and develop the Information Security and Internal IT teams, providing direction and resources necessary for the aligned strategy.
    • Build and mentor a high-performing team of security engineers, IT specialists, and system engineers.
    • Collaborate with cross-functional partners — Legal, People & Organization, Finance — to integrate security and IT into every relevant process.
  • Partner & Budget Management:
    • Select and manage relationships with 3rd party security and IT vendors; negotiate and manage contracts and Service Level Agreements.
    • Own teams’ budget, forecasting headcount, tools, and training investments.

You have:

  • Proven Leadership: 8+ years in Information Security leadership with at least 3 years managing both security and internal IT teams at a scale-up or grown-up.
  • Security Credentials: CISSP, CISM, or equivalent beneficial; hands-on familiarity with certifications, regulations and relevant controls such as in ISO 27001, SOC 2, GDPR, CCPA and PenTest/Vulnerability frameworks.
  • Workplace IT Service Mastery: Deep, yet pragmatic understanding of IT process best practices, endpoint management (e.g. MDM), and service-desk tooling (e.g., Atlassian suite).
  • Identity Lifecycle Automation: Deep understanding of workforce identities’ lifecycle (esp. on- and offboarding, administrative processes, and systems integration and scripting.
  • Technical Depth: Experience securing multi-cloud environments, implementing zero-trust architectures, and integrating cloud-native security controls. Strong understanding of technical security measures (e.g. encryption, IAM, OAuth, firewalls, network access control lists, etc.).
  • Incident & Risk Acumen: Track record of orchestrating incident response, forensic investigations, and continuous risk reduction.
  • Ownership & Prioritization: A co-ownership mindset, taking end-to-end responsibility from idea/start to finish and ability to focus and differentiate between importance and urgency.
  • Strategic Communicator: Strong communicator capable of translating technical risks into clear business impacts for leadership.
  • People-First Leader: Passion for coaching, building inclusive teams, and fostering a culture of security awareness and IT excellence.

Some perks of becoming a Babbelonian:

  • Enjoy 30 vacation days and the chance to take a 3-month Sabbatical. Plus family and life situation counseling
  • Decide how, when and from where you want to work with our flexible working hours and remote friendly options as Jobbatical (up to 3 months inside the EU) or work from our fully equipped office with nap, faith and family rooms
  • Learn and grow with the internal learning opportunities, and use a yearly learning & development budget for external training. Learn languages with Babbel for free with your full access to Babbel
  • Take advantage of your mobility benefits options and a discounted Urban Sports Club membership
  • Be part of our employee communities (such as Femgineers, DE&I Ambassadors and LGBTQIA groups), attend cultural and regular social events

Diversity at Babbel

As part of our ongoing journey towards building a diverse, equitable and inclusive company, we welcome everyone to apply, especially those individuals who are underrepresented in tech. We are a learning company, inside and out, and we encourage you to apply even if you do not fit all the technical requirements - all candidates are assessed based on skills, qualifications and on our business needs. Please state your pronouns in your application, and let us know if you’d like to be addressed by a name other than the one appearing on your official documents. If you have a disability or special need, feel welcome to inform us, so that we can provide you with the proper assistance in the application process.

Perks & Benefits Extracted with AI

  • Flexible Work Hours: Decide how, when and from where you want to work with our flexible working hours and remote friendly options as Jobbatical (up to 3 months inside the EU) or work from our fully equipped office with nap, faith and family rooms
  • Learning Budget: Learn and grow with the internal learning opportunities, and use a yearly learning & development budget for external training. Learn languages with Babbel for free with your full access to Babbel
  • Employee community involvement and events: Be part of our employee communities (such as Femgineers, DE&I Ambassadors and LGBTQIA groups), attend cultural and regular social events
  • Paid Time Off: Enjoy 30 vacation days and the chance to take a 3-month Sabbatical. Plus family and life situation counseling
Babbel
View all jobs
Get hired quicker

Be the first to apply. Receive an email whenever similar jobs are posted.

Ace your job interview

Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.

Director of Information Security Q&A's
Report this job
Apply for this job