Startup Insider logo
Startup Insider
  1. Startseite
  2. Jobs
  3. Chief Information Security Officer
  4. Chief Information Security Officer (f/m/d)
Orbem logoOR
Orbemorbem.ai

Chief Information Security Officer (f/m/d)

€120K – €135K YearlyBavaria, Germany (Remote)Vollzeit5h ago

We see the potential inside everything and everyone. Starting with you.

Orbem uses AI to industrialize MRI, delivering non-invasive insight into everything from fruits to eggs to the human body. We are transforming what is becoming the world's largest biological dataset into actionable intelligence to reduce waste, increase quality, and accelerate the shift toward a more sustainable and healthier future.

Headquartered and founded in Munich, Germany, with an office now in Houston, Texas, our world-class team is scaling inside-out technology to transform how humanity sees and understands biological matter.

Help us see what's possible. Join us.

Your Role

You will own Orbem’s Information Security function end-to-end at a pivotal moment.

Orbem achieved ISO 27001 certification in December 2025. We are now entering an active stabilization phase: controls are established, our external provider stack is being restructured, and a re-audit sits on the horizon. You will inherit this reality — and the authority to shape it.

This is a role for a hands-on, senior security practitioner who wants to shape a security function, not just run one — someone who thrives in ambiguity, makes high-stakes strategic calls with incomplete information, and can do the operational work themselves while orchestrating a deliberate external provider stack. Although we are looking for a strategist, you will also be required to support day-to-day security operations.

Your Day-to-Day

Strategy & Program Ownership (≈ 40%)

  • Lead our approach to the upcoming ISO 27001 re-audit. Assess the situation, make the strategic recommendation, and own the execution.

  • Set and maintain Orbem’s information security strategy aligned with our stage, our customers (enterprise food today, healthcare in our strategic line of sight), and our risk appetite.

  • Own the information security risk register end-to-end: build it where needed, maintain it, and run the risk review with key leadership peers.

  • Represent Orbem externally with auditors, enterprise customer security teams, and regulators in the CISO capacity.

  • Advise the leadership team on information security risk in product, go-to-market, and expansion decisions, including healthcare readiness planning.

Hands-On Execution (≈ 40%)

  • Own and continuously improve key operational security processes — including how we assess and manage risk across our vendor and supplier base, how security is embedded in key business workflows, and how we ensure controls translate from policy into practice.

  • Bring policies and controls to life. Identify which controls are most material, which to operationalize further, and which to consolidate — in partnership with the teams who will execute them.

  • Own the ISMS governance structure — ensuring that control reviews, evidence collection, management reviews, and internal audits happen to a high standard, whether through direct execution, external support, or a combination.

  • Lead incident response as incident commander for security-relevant events, with the Security Engineering team as technical co-lead.

  • Write clear policies, clear communications, clear decisions. You will author or co-author most of the security-related writing that leaves this function.

Orchestrating the External Stack & Lateral Leadership (≈ 20%)

  • Manage a deliberate external provider stack. You will not build everything in-house. You will orchestrate a set of external partners — examples include audit preparation support, data protection advisory services, a managed security service provider, penetration testing, and an ISMS and compliance management platform. For each, you contribute to the build-vs-buy decision and own the ongoing relationship.

  • Collaborate closely with the Security Engineering team through a close working relationship that connects governance and technical security.

  • Co-build a Security Ambassadors network with the Security Engineering team — empowered technical leads across business teams who champion security in their own context.

  • Leverage AI and automation aggressively across the security programme — compliance evidence collection, vendor review, policy drafting, user training, awareness — to keep the function lean.

How You Fit In

This is an individual contributor role at Principal level. Your influence is lateral, not hierarchical. You will work alongside the General Counsel, the Corporate Operations lead, the Procurement & Supply Chain lead, and the Security Engineering team. You will interact with the full executive team on security-relevant decisions.

Your Experience and Skills

  • Scale-up security leadership experience. You have been the #1 or #2 information security compliance person at a company in the 150–600 FTE range.

  • ISO 27001 lived experience. You have personally guided a company through an ISO 27001 cycle. You can make a credible audit strategy recommendation because you have seen the consequences of each option in practice.

  • Hands-on operator. You have personally set up security processes and controls — not only specified or overseen them. You are comfortable running a security register, writing policies, running workshops, and sitting in working meetings to ship work.

  • Comfort without a large team. You are motivated by being the person in the room, not the person who built the room.

  • Resilience. Security leadership means making hard calls — sometimes unpopular ones, sometimes under time pressure. You are energised by that responsibility, not deterred by it. You stand behind your decisions and own the business outcomes.

  • Communication. You can translate security risk into business decisions for a non-security executive team, and technical specifics for engineers. You write and speak clearly.

What Makes You Stand Out

  • Experience navigating an ISO 27001 re-audit.

  • Familiarity with the European regulatory landscape (GDPR, NIS2, EU AI Act) and a working understanding of US frameworks (SOC 2).

  • Deep-tech, AI/ML, or industrial product context. Our security surface is not SaaS-shaped — edge devices, hardware, industrial customers, imaging data.

  • Experience working with and evaluating external security and compliance service providers.

  • Comfort with AI-first working. We expect you to use AI to compress the work — and to own the output, not just the prompt. You also bring an informed view on how to monitor and govern AI usage internally.

Fit to Our Values

  • We Own Every Challenge: we enjoy complexity and thrive under uncertainty.

  • We Strive for Better: we seize any opportunity for growth and challenge the status quo. We are constantly learning and improving.

  • We Imagine New Frontiers: we think beyond “doable” and “reasonable”. We design a sustainable and healthy future together.

What We Offer

International Environment:

  • Join a team with 40+ nationalities across 5 continents, all driven by a shared purpose: shedding light on the world’s toughest challenges.

Comprehensive Benefits:

  • Stock Options:Share in Orbem’s success.

  • Relocation Support:Seamless support for your move to Germany.

  • Learning & Development:€1,750 annual budget for personal growth.

  • Fitness Membership:Access to Urban Sports Club or Wellpass.

  • Childcare Reimbursement:Support for Kita/Kindergarten fees.

  • Deutschland Ticket:Full coverage of public transportation.

Work-Life Integration:

  • Flexible Hours & Home Office:Work when and where it suits you.

  • WFH Perks: Get €185 to upgrade your home office + an external monitor on us!

  • 30 Days Paid Leave:Plenty of time to recharge.

  • Personal Leave:Flexibility for life’s important moments.

  • Work From Anywhere:Experience new cultures and environments for up to 60 days per year.

Make a Difference:

Join an ambitious, fast-growing team working on breakthrough technology. In our scale-up environment, you'll have the freedom to lead your projects and make an impact. We provide a platform for you to explore, innovate, and define your vision for the future. At Orbem, we're committed to helping you discover your strengths, and while we aim to teach you, we also want to learn from you.

Your Team:

You'll become part of our diverse and international team. Learn more about the team members, their work, and challenges here: https://orbem.ai/company/

At Orbem, we're committed to building a smart, diverse team, and we recognize that self-doubt can prevent talented individuals from applying. If you feel you don't meet every requirement, we'd love to hear from you anyway!

Salary: €120K – €135K • €120K – €180K Equity

Kategorien

Chief Information Security Officer
Information Security Leadership
Security Compliance
ISO 27001
CISO

Fähigkeiten

ISO 27001
GDPR
NIS2
EU AI Act
SOC 2
Information Security Management System
Security Risk Register
Incident Response
Vendor Risk Management
Security Engineering
Compliance Management
Penetration Testing
AI/ML Security
Policy Writing