About the job
More than just sharing.
UMI Urban Mobility International GmbH puts electric vehicles on the road using the sharing principle. But we are so much more: as developers of holistic mobility concepts, we intend to make cities healthier, greener, less cluttered and more appealing places to live, now and for generations to come.
What is WeShare and why does it exist?
WeShare is a service provided by UMI, and UMI is a sub-subsidiary of Volkswagen AG. This means that we not only have big ideas but also the resources to bring them to life. When it comes to mobility services, our goals are far from complete.
Why We Do What We Do.
Cities are organisms: they grow and change. We intend to contribute by helping to shape the future of our cities. Flexible mobility has the potential to change our lifestyle forever, we intend to lead the charge away from individual ownership toward sustainable mobility.
Having successfully launched Berlin in June 2019, WeShare, our 100% electric car-sharing service is continuing to grow and adapt.
As part of our Team you will:
Develop, implement and be fully responsible for the technical security concepts of our platform services and internal IT structures
Take on the role of CISO, setting up and taking charge of our Information Security Management System (ISMS) according to ISO27000 et seq.
Closely work with internal stakeholders, especially our Engineering team and data protection commissioner to secure our systems against unwanted access, changes and/or deletion
Collaborate with and control the work of our third-party providers and partners, and sensitize them to our guidelines if necessary
Analyze and evaluate incidents and pentests, conduct risk assessments and derive recommendations of action for our Engineering team
You have successfully designed, set up and managed a technical security architecture for a highly frequented B2C platform – ideally in a corporate start-up
You have profound knowledge in the analysis and evaluation of security risks and incidents, as well as new technologies
You have 300 hours creditable audit experience
You have experience in Information Security Management Systems in accordance with ISO27000 et seq, ISO27001 Lead Auditor Certification as well as a deep understanding of European data protection laws
Your English is fluent, your stakeholder management is excellent and your problem-solving skills are outstanding