What is ICE?
ICE is the result of a big vision for the music industry that harnesses years of combined expertise in the multi-territory music market. We are the world’s first integrated processing hub offering copyright, online licensing and processing services.
Our customers include collecting societies, major and independent music publishers and digital service providers such as Facebook, YouTube, Mixcloud and Soundcloud. We work to help ensure composers and songwriters are compensated accurately and fairly for the use of their Works.
As part of ICE, you will be working with some of the most knowledgeable and dedicated experts in the industry. We collaborate closely with our customers to continuously develop our products and services to ensure the best results.
To expand our team in Berlin, we are looking for an:
IT Security and Compliance Officer (m/f/d)
The purpose of this role is to ensure that we follow the highest security and compliance standards throughout ICE while ensuring continuity of business.
Key Focus Areas:
- IT Security Controls and Compliance
- Knowledge of threat, incident, risk and vulnerability management
- Continuity of Business
- You act as the central point of contact for all IT security issues and constantly work on developing and implementing the security roadmap to maintain and improve the security level of ICE.
- You understand current and emerging threats and timely communicate them to management. You are able to propose cost effective and proportionate controls to address those threats where possible.
- Based on existing standards and laws, best practice approaches and your own research you define security requirements, derive security policies and ensure that IT is acting compliant.
- You work closely together with Enterprise Architecture, Development team and other IT teams to review existing, as well as new services to ensure security from day one.
- You define and coordinate security risk assessments and audits of IT systems.
- In case of a security incident you guide the IT Operations team. After an incident you coordinate route cause analysis and improvement actions.
- You are familiar with business continuity management and IT disaster recovery concepts.
- You are able to ensure compliance while understanding business needs and ensuring compliance controls don’t hinder day to day operations.
- Planning and coordinating the execution of the tests.
- Performing risk, impact and damage assessments.
- Finally, you are responsible for security awareness program for our users.
- You have a degree in a technical discipline or business administration.
- Minimum of 3 years' hands-on experience in IT Security and therefore a sound knowledge of security best practices and procedures as well as latest state of the art security tools.
- EBIOS, CRAMM, OWASP is not new to you.
- Experience with IAAS services on Amazon AWS or Microsoft Azure.
- This role is suited to a communicative and persuasive individual who likes to work independently but will also be able to build up an effective network and work in cross-functional teams.
- You have a strength in stakeholder management and are comfortable to discuss your recommendations with senior management.
- In addition, you have an analytical way of thinking and the ability to translate complex issues into easily understood principles.
- GDPR knowledge is an advantage.
- You are proficient in English and German.
- Knowledge of industry frameworks such as ISO 27001/27002.
- ITIL Qualification and experience.
- ICA Advanced Certificate in Compliance or similar.
- Ability to travel, 10% to 20% approximately.
We offer you the opportunity of being part of a high performing operations team. This is just the right time to explore the possibilities of a new professional path. Should it really appeal to you, we’re looking very forward to your application (online only, incl. your salary expectations and earliest possible start date.)