< Back to search

Fully-remote

Fully flexible hours

Dog friendly

Apply now

Job Description

Established in 2017, Storyblok has rapidly ascended to the forefront of the global headless CMS landscape. Our vision is to “pioneer the future of content management, removing barriers between developer and marketing teams by offering an intuitive, scalable, and intelligent platform to deliver digital experiences from idea to success”.

Our team is made up of smart, passionate individuals who excel in their work. People who are comfortable taking on big ideas and figuring out the details along the way. With a dynamic team of over 220+ passionate individuals spanning 45+ countries, we're not just breaking boundaries; we're redefining them!

Our recent $80m Series C funding round, secured in June 2024, marked a crucial milestone for us. It has fueled our remarkable growth in the US market and accelerated our ongoing expansion and advancements across EMEA.

We're proud recipients of numerous awards, including recognition in G2's 2024 Best Software Awards. As a remote-first company, we have been officially recognized as one of the top 100 most flexible places to work, ranking #3 in the scale-up category as per Flexa Careers.

WHAT IS IN IT FOR YOU

You will be joining a growing company where you can contribute to many “firsts”. Plus these benefits:

  • Monthly remote work stipend (home internet costs, electricity). Home office equipment package right at the start (laptop, keyboard, monitor…)
  • Home office equipment upgrade (furniture, ear plugs …) or membership to a local co-working space after your onboarding
  • Sick leave benefit, parental leave and 25 days of annual leave plus your local national holidays
  • Personal development fund for courses, books, conferences, and material
  • VSOP (Virtual Stock Option Plan)
  • The annual international team-building trip, quarterly and monthly online get-togethers
  • As a fully remote company, with work-life balance at its core, you’ll enjoy flexible schedules
  • An international team that loves to have fun at work and works hard together to accomplish shared goals

This role will design Storyblok’s information security strategy and lead all compliance and audit processes. Ensuring the risk and vulnerability assessment activities are carried out according to the ISO 27005 Standard. The information security manager will also plan steps to mitigate the identified risks. The person will lead the incident response process for security breaches and coordinate relevant teams. The role will collaborate with different functions and is responsible for training, supporting and coordinating different team members.

ESSENTIAL JOB FUNCTIONS

  1. Design the information security strategy, document it, and enable the team:
    • Design a strategy and a road map for Storyblok’s information security management system.
    • Develop, implement, and maintain information security policies, guidelines, documentation, and processes.
    • Align security policies with Storyblok’s goals and regulatory requirements.
    • Manage the roll-out of information security changes and ensure policies are communicated and enforced throughout the company.
    • Enable and train the team on security-related topics.
  2. Risk Management:
    • Ensure that risk and vulnerability assessment activities are carried out according to the ISO 27005 Standard.
    • Identify any vulnerable areas within the company by actively reviewing results from risk assessments and proposing immediate mitigation steps.
    • Actively review reports from pentests and ensure timely resolution by the product team.
  3. Incident Response:
    • Lead the incident response process for security breaches and coordinate the process with all relevant teams.
    • Develop and maintain an incident response plan.
    • Coordinate with relevant teams to investigate and respond to security incidents.
  4. Compliance and Audit:
    • Ensure compliance with relevant laws, regulations, and certification standards (e.g., GDPR, ISO, Fedramp, Privacy Acts).
    • Prepare for and manage security audits - ISO, Fedramp - to maintain or receive certificates.
    • Implement corrective actions and strategies based on audit findings.
    • Stay updated on the latest security trends, technologies, and standard updates.
  5. Technical Security Measures:
    • Oversee the implementation and maintenance of security technologies or tools.
    • Monitor our information security landscape and ensure these systems' secure configuration and management.
    • Design automated, scalable, and efficient information security solutions.
  6. Management:
    • Collaborate with multiple internal teams to improve our information security system.
    • Mentor and coordinate team members who are part of our information security processes to complete projects successfully.
    • Support other team members with their security questionnaires and vendor process.
    • Promote a culture of security awareness within the organization.
    • Lead the communication with any external security-relevant parties.

Qualifications:

  • More than 7 years relevant experience in Information Security or Cybersecurity.
  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • Proven experience in successfully implementing Fedramp and at least one more information security related certification like ISO 27001, SOC, NIST.
  • Experience with setting up and maintaining an information security environment in a remote setup.
  • Professional certifications such as, CISM (Certified Information Security Manager), ISO 27001 LI or equivalent.
  • Work experience in a company that is ISO 27001 and Fedramp certified.
  • Strong experience with MDM, Authentication Management, Infrastructure and other information security-relevant tools.
  • Strong analytical, problem-solving, and decision-making skills.
  • Excellent communication and interpersonal skills.
  • Ability to manage multiple projects and priorities in a fast-paced environment.

Preferred Skills:

  • Experience with Google Workspace
  • Experience with security information and event management (SIEM) systems.
  • Knowledge of cloud security principles and practices.
  • Experience in incident response and digital forensics.
  • Understanding of secure software development practices.
  • Knowledge about Cybersecurity
  • Good GDPR and Privacy skills

Nice to Have:

  • CISSP (Certified Information Systems Security Professional)

MENTAL, PHYSICAL AND ENVIRONMENTAL REQUIREMENTS

Remote (home) work opportunity or funded by Storyblok co-working space

GENERAL TERMS

Storyblok has a commitment to diversity and inclusion. We strive to create a hiring environment in which all people feel they are equally respected and valued, irrespective of gender identity or expression, sexual orientation, ethnicity, age, religion, citizenship or any other characteristic. You can find more information about our privacy policy here.

Here is a sneak peek of Storyblok’s Visual Editor

Company benefits

Enhanced maternity leave
Enhanced paternity leave
Work from home stipend
Hofy home office set up
Co-working space allowance – @Regus or a local one
Flexible working week
Travel insurance
25 days annual leave + bank holidays
Share options
Teambuilding holidays
Personal development budgets – 1200€/year
Employee assistance programme
Financial coaching
Company wide holidays/offsites
Teambuilding days
L&D budget – internal and external trainings
Mental health platform access
Carer’s leave
Flexible Personal Development Fund
Location
98%
Employees are very happy with their working location freedom
Hours
95%
Employees are very happy with the flexibility in the hours they work
Benefits
86%
Employees are very happy with the benefits their company offers
Work-life balance
89%
Employees feel that they can find the perfect balance of life and work
Role modelling
95%
Employees feel that flexible working is part of the culture
Autonomy
90%
Employees feel they have complete autonomy over getting their work done

Working at Storyblok

Company employees

234

Gender diversity (male:female)

60:40

Office locations

We are a remote-first company, without offices, but with entities in Austria, Germany and the USA

Funding levels

$80,000,000 Series C

Hiring Countries

Global

🌍

Awards & Achievements

3rd – Scaleup companies

3rd – Scaleup companies

Flexa100 2024
2nd – SaaS & Software

2nd – SaaS & Software

Industry awards 2023

Other jobs you might like