About Aignostics and the Role

Role Overview

Key Responsibilities

• Implement and maintain ISMS framework aligned with ISO 27001 (ideally version 2022) standards.
• Manage compliance documentation and collaborate across departments including DevOps, HR, Product, Customer Support, Quality Assurance, and Legal.
• Support internal and external audits by preparing and presenting documentation and evidence.
• Conduct risk assessments, maintain risk register, and monitor corrective and preventive actions.
• Automate compliance processes such as evidence collection, risk assessments, and logging using programming skills.
• Develop and update security policies, procedures, and guidelines to meet regulatory and quality standards.
• Conduct security awareness and compliance training for employees.
• Collaborate with cross-functional teams to integrate compliance requirements into daily operations.
• Stay updated with industry trends, standards, and technologies to improve ISMS processes continuously.

Qualifications and Skills

• Background in information security or compliance.
• Passion for automation especially ticketing/Jira automation and documentation.
• Proven experience managing ISO 27001 ISMS implementation and maintenance, including experience as Lead Implementer or Lead Auditor.
• Deep understanding of information security frameworks and regulatory requirements.
• Experience with Governance, Risk, and Compliance (GRC) tools and automated compliance solutions.
• Experience with audit preparation and evidence management.
• Familiarity with scripting and automation tools like Python, PowerShell, or similar.
• Excellent organizational, analytical, and problem-solving skills.
• Good communication skills for effective collaboration across teams.
• Leadership in compliance and security excellence.
• Attention to detail and ability to spot weaknesses in systems.
• Ability to collaborate effectively in multidisciplinary teams.

Preferred Qualifications

• Enjoy working in the Berlin office with support for flexible work; thrives on in-person collaboration.
• Good understanding of public cloud technologies (GCP, AWS) focusing on compliance and security controls.
• Relevant certifications such as ISO 27001 Lead Auditor, CISM, CISSP, GDPR, SOC 2.
• Experience with GRC platforms and automation tools for evidence collection and monitoring.
• Strong understanding of internal and external audit processes including certification, surveillance, and recertification audits.

Offer

• Join a purpose-driven startup focused on fighting cancer and improving patient outcomes.
• Engage in cutting-edge AI research and development with academic partnerships.
• Work in a welcoming, diverse, and highly international team.
• Opportunity to take responsibility and grow your role within the startup.
• Learning & Development budget of 1,000€ annually plus 2 L&D days, language classes, and internal programs.
• Mentoring program with expert guidance.
• Flexible working hours and teleworking policy.
• 30 paid vacation days per year.
• Family and pet-friendly environment with flexible parental leave options.
• Subsidized memberships for public transport, sports, and well-being.
• Social gatherings, lunches, and off-site events for a fun and inclusive work environment.

Company Information