Chief Information Security Officer (CISO) (m/f/div.)

Full time on site
Job Description

Company Description

At KEENFINITY, we are a globally leading provider of innovative and professional security and communication solutions. With over 4,200 employees in over 50 countries worldwide, our ambition is clear: we offer more than just technology – we secure, connect, and amplify the moments that matter in life.

Next to our passion for technology we’re very passionate about our work environment. Based on values such as trust, appreciation, and accountability we all work together to shape the future – boldly, customer-focused and with a strong team spirit.

Job Description

Security at Keenfinity is not a compliance exercise. It is a business-critical function that directly affects the valuation and saleability of four Business Units. Every BU exit involves a buyer who will scrutinise Keenfinity's security posture in due diligence. Any significant finding — unpatched vulnerabilities, weak IAM controls, an ISMS that doesn't survive audit — will either reduce the sale price or delay the transaction.

As CISO, the role owns that risk. The role is the security authority across the entire Keenfinity IT organisation, reporting directly to the Director IT STG. The role sets the security strategy, oversees the SIEM/SOC (the SOC Lead), IAM (the IAM Lead) and ISMS (the ISMS Manager) functions, and holds sign-off authority at every divestiture phase gate for security readiness. The role is also the person who sits across the table from buyer security teams in due diligence and can defend Keenfinity's security programme with credibility.

This is a senior, high-visibility role in a PE-backed environment with a defined exit horizon. The right person thrives under that constraint — they see the exits as the forcing function to prioritise ruthlessly and deliver what matters.

Key Responsibilities

Security strategy & governance

  • Define and own Keenfinity's IT security strategy for the divestiture period: threat landscape assessment, security architecture principles, risk appetite definition
  • Establish and maintain the IT security governance framework: policies, standards, exception management, risk register at the enterprise level
  • Report security risk status monthly to Director IT STG; produce quarterly security dashboards for Triton / CFO as required
  • Advise the Director IT STG on security implications of cost reduction initiatives — particularly vendor consolidations, license exits and cloud rightsizing decisions (FinOps Analyst interface)

Divestiture security — phase gate authority

  • Hold formal security sign-off authority at every BU divestiture phase gate: no gate advances without CISO confirmation that security separation is complete and defensible
  • Define the security requirements checklist for each exit: network separation, IAM tenant split, data classification and handling, encryption standards, security tooling carve-out
  • Coordinate with the Enterprise Architect to ensure security architecture is embedded in every separation blueprint from the start — not retrofitted at the end
  • Lead security due diligence preparation for each BU sale: produce security posture documentation, penetration test summaries, ISMS certification evidence, incident history and remediation records
  • Act as the primary security contact for buyer due diligence teams; represent Keenfinity's security programme credibly in technical and executive-level conversations

Security operations oversight

  • Provide strategic direction to the SOC Lead: SIEM platform strategy, detection coverage priorities, incident response protocols, escalation thresholds
  • Provide strategic direction to the IAM Lead: identity governance framework, privileged access management, directory architecture — especially relevant for AD/Azure AD separation per exit
  • Provide strategic direction to the ISMS Manager: ISO 27001 programme priorities, ISMS scope management per BU exit, certification renewal strategy
  • Review and approve major security architectural decisions; maintain the security architecture principles document as a living standard

ISMS & compliance

  • Ensure Keenfinity's ISO 27001 ISMS remains certified and audit-ready throughout the divestiture period — including scope adjustments as each BU separates
  • Own the security risk register at the enterprise level; chair the security risk review with the ISMS Manager and the Director IT STG quarterly
  • Ensure regulatory compliance across all active jurisdictions (GDPR, NIS2, relevant sector requirements); flag material compliance gaps to Director IT STG

Qualifications

  • 8+ years in IT security leadership roles; 3+ years at CISO or Head of Security level
  • Demonstrable experience with M&A security — either as the security lead on a carve-out, divestiture or acquisition, or as a senior security advisor in a transaction context
  • Deep expertise in at least two of: ISO 27001 / ISMS programme management, IAM architecture (Active Directory / Entra ID), SOC / SIEM operations, cloud security (Azure preferred)
  • Proven ability to prepare and present security due diligence packages for corporate transactions; experience sitting in buyer due diligence conversations is a strong differentiator
  • Executive-level communication: able to translate complex security risk into language that resonates with a CFO and PE investor — without dumbing it down
  • Fluent German and English — both languages will be used daily
  • Based in Ovar; regular travel to Straubing (security team), Munich HQ and BU locations

Advantageous

  • CISSP, CISM or equivalent senior security certification
  • Experience in industrial technology, manufacturing or multi-site operational environments
  • Familiarity with NIS2 requirements and their practical implications for an international mid-market company
  • Background in PE-backed companies or experience working to PE investor reporting

Additional Information

Keenfinity benefits include:

  • Flexible work conditions
  • Hybrid work system
  • Health insurance and medical office on site (nutrition, psychology, physiotherapy and general clinic)
  • Canteen
  • Free parking lot
  • Sports and health related activities (gym)
  • Training opportunities (e.g., technical training, foreign languages training) & certifications
  • Opportunities for career progression and continuous professional development
  • Exchange with colleagues around the world
  • Access to great discounts in partnerships and products

All our positions are open to people with disability

At Keenfinity we don’t just build innovative solutions — we shape a smarter, more connected world through technology.

We value different backgrounds, ideas, and experiences and we’re committed to growing, learning, and celebrating success as one team. Everyone is welcome here — we foster an environment where everyone is respected, valued, and encouraged to be their authentic self.

Keenfinity is an equal opportunity employer, offering equal opportunities for all. We welcome applications from people with disabilities and can offer support, if needed. When everyone has a chance to contribute, we all do better.
