Senior Cyber Security Manager; f/m/div
Verfasst am 2026-07-03
-
IT/Informationstechnik
Cyber-Sicherheit, Informations-Sicherheit, IT Consulting, Sicherheits-Manager
Location: Straubing
Senior Cyber Security Manager (f/m/div.)
Full-time
At Keenfinity, we are passionate about innovative and professional security and communication solutions—with approximately 4,200 employees in over 50 countries worldwide. Our mission is clear:
We develop more than just technology—we secure, connect, and enrich life’s most important moments.
We bring the same passion to our work environment as we do to our products, an environment built on trust, appreciation, and personal responsibility. Together, we shape the future—boldly, with a focus on our customers, and with a strong team spirit.
Keenfinity Group’s Audio business combines decades of engineering expertise with a portfolio of globally trusted brands including Electro-Voice, Dynacord and Telex that power communication, collaboration and live experiences around the world.
Our solutions cover professional loudspeaker systems, installed and portable sound, conferencing systems, broadcast and production intercom, as well as certified public address and voice alarm systems for life‑safety applications.
From event stages, hospitality and conference venues to government institutions, transportation hubs, or industrial facilities, our professional sound and critical communication solutions help people be heard clearly, collaborate effectively, and communicate reliably when it matters most.
Next to our passion for technology we’re very passionate about our work environment. Based on values such as trust, appreciation, and accountability, we all work together to shape the future – boldly, customer‑focused and with a strong team spirit!
Security Strategy & GovernanceDefinition and implementation of a lean, risk‑based cyber security strategy aligned with business priorities
Adoption of security policies, standards, and controls across all digital platforms (CRM, frontend, APIs, ERP, MDM)
Ownership of identity & access management strategy (SSO, RBAC, least privilege)
Close collaboration with the E2E IT Architect to embed security into architecture design (secure‑by‑design)
Definition of security requirements for API‑first and headless architecture (OAuth2, OIDC, token‑based security)
Ensuring secure integration patterns across Salesforce, portal, iPaaS, and backend systems
Risk, Compliance & Operational SecurityExecution of risk assessments, vulnerability management, and penetration testing coordination
Ownership of monitoring, alerting, and incident response — acting as escalation point for security incidents and breaches
Ensuring compliance with GDPR, NIS2, ISO 27001 for example and internal audit requirements; defining data protection and classification standards
Governance & ReportingRegular reporting to leadership on security risks, compliance status, and security KPIs/KRIs
Participation in security governance boards and risk & compliance forums; escalation of critical risks to the central CISO Office
Ensuring lessons learned from incidents are translated into improvements
Security governance for external partners (Salesforce, implementation partners, SaaS vendors)
Definition of security requirements in contracts, DPAs, and architecture decisions
Acting as trusted security partner to business leadership — translating security policies into business‑relevant requirements and aligning security priorities with business objectives and risk appetite
EducationDegree in Cyber Security, Information Security, Computer Science, or related field
Experience and Know‑how7+ years in cyber security roles within modern cloud and SaaS environments; experience securing API‑first architectures and enterprise SaaS platforms; experience working in cross‑functional teams alongside architects, engineering, and business stakeholders.
Hands‑on experience with cloud security (AWS/Azure) and enterprise SaaS platforms, with deep knowledge of Salesforce security models. Strong understanding of OAuth2/OIDC, API gateway security, and securing integration layers (iPaaS, headless architecture). Working knowledge of ISO 27001, NIST CSF, NIS2, and GDPR, plus familiarity with risk frameworks (e.g. ISO 27005, FAIR)—able to translate framework requirements into pragmatic controls.
Nice to haveSecurity…
Um nach Stellen zu suchen, sie anzusehen und sich zu bewerben, die Bewerbungen aus Ihrem Standort oder Land akzeptieren, klicken Sie hier, um eine Suche zu starten: