IT Security Engineer – NIS2 & Cybersecurity Lead

About the role

We are looking for an IT Security Engineer to protect our international IT infrastructure, digital assets and products. Reporting directly to the C‑level, you will professionalise and scale our security foundations to meet NIS2 requirements and support rapid growth.

Key responsibilities

• Take full operational and strategic responsibility for IT security across a complex, highly sensitive system landscape.
• Advise R&D and engineering teams on “Security by Design”, improving product cybersecurity throughout the development lifecycle.
• Lead implementation and ongoing management of NIS2 compliance and align processes with international standards.
• Provide regular updates and risk assessments to the C‑level.
• Operate and harden endpoint security, monitor client and server infrastructure.
• Detect, analyse and lead response to security incidents, including forensic investigations.
• Conduct vulnerability assessments, enforce patch and update discipline.
• Design firewall, proxy and network security policies and harden network interfaces.
• Lead security‑related projects and coach IT and engineering teams.
• Serve as senior escalation point for complex security issues.

Required profile

• Minimum two years of professional IT‑security experience, preferably in a regulated or product‑driven environment.
• ISO 27001 certification (Professional or Internal Auditor) or equivalent credential.
• Knowledge of security frameworks and experience with NIS2 compliance.
• Strong communication skills in German and English, able to convey technical risks to senior management.
• High flexibility to work in a fast‑moving startup environment.

Required skills

• Network security – firewalls, VPN, routing, proxy.
• Endpoint security and hardening.
• Security Operations – SIEM, incident handling, log analysis, forensic analysis.
• Vulnerability assessment and remediation.
• Patch management and update discipline.
• Design of firewall, proxy and network security policies.
• ISO 27001 and NIS2 compliance knowledge.

What we offer

• Competitive base salary and stock options.
• Key role in a fast‑growing, internationally diverse startup.
• Opportunity to impact a product that advances cancer understanding and treatment.