Information Security Expert with focus on software development and ISO 27001

Information Security Expert with focus on software development and ISO 27001 GAF AG (GAF), an e‑GeoS S.p.A. (Telespazio S.p.A./ASI) company, is a globally active provider of cross‑platform geoinformation solutions and innovative Earth Observation applications. In addition to acquiring and procuring satellite‑based earth observation data, GAF holds a leading position in data processing and geo‑consulting thanks to 40 years of expertise. With an international and interdisciplinary team of experts, GAF sets standards for geospatial consulting, cloud‑ and AI‑based data analysis, and satellite‑based monitoring of the environment and natural resources across Europe and worldwide. To strengthen our team and support our software development in implementing security requirements, as well as to actively contribute to the implementation of ISO 27001, we are seeking a dedicated professional to join us at our headquarters in Munich at the earliest possible date as an Information Security Expert with focus on software development and ISO 27001. Responsibilities Further development of our internal security policies and processes Conducting risk assessments and deriving appropriate measures Consulting on and implementing security‑related requirements in customer projects – particularly in data provisioning and software development projects Supporting ISO 27001 certification process: preparing documentation, accompanying audits, and implementing requirements within the Information Security Management System Contributing expert knowledge in the area of BSI IT‑Grundschutz for environments with increased protection needs, as well as ensuring compliance with relevant regulatory requirements Training and raising awareness among colleagues on topics such as secure coding, data protection, and information security Your profile University degree in Computer Science, Business Informatics, Security Management, or a comparable field Hands‑on experience in requirements management and supporting security‑critical software projects (e.g., OWASP, Secure SDLC) At least 5 years of relevant professional experience, including proven involvement in ISO 27001 certification projects (preferably with BSI IT‑Grundschutz exposure) Excellent German and English communication skills, both written and spoken (C1 level according to CEFR) Strong analytical mindset, structured working style, and the ability to communicate complex topics in a clear and accessible way Collaborative team player who enjoys working in interdisciplinary environments Independent, responsible, and results‑oriented working style – even under time pressure Desirable knowledge Experience in implementing BSI IT‑Grundschutz for environments with increased protection needs Our offer Varied and responsible work in an international and interdisciplinary environment at one of Europe’s leading geoinformation companies Comprehensive support in familiarising yourself with your professional role Training and development – because your experience and knowledge count A respectful, friendly and modern project working environment in a multi‑national team of committed colleagues and a leadership style based on trust Flexible working hours and the opportunity to work from home within the framework of our regulations Workation: temporary work from abroad depending on individual and legal requirements An attractive location with perfect public transport connections and great options for outdoor and recreational activities in the direct vicinity A range of additional benefits, e.g., public transport contribution (job ticket), company pension scheme (optional), travel health insurance (worldwide), occupational health management and more Further information Place of work: Headquarters in Munich Full‑time position (40 hours per week) Permanent position, available to start as soon as possible Only applicants with a valid work permit for Germany can be considered #J-18808-Ljbffr GAF AG