• Take a central role in designing and implementing security-relevant components within Managed Services • Develop and maintain Key Management Systems (KMS) with KMIP interfaces, including client and server logic • Implement KMIP operations such as Create, Register, Get, Locate, Destroy, Encrypt/Decrypt, Sign/Verify • Analyze, parse, and produce KMIP messages (TTLV, and optionally JSON) • Manage different object types such as Symmetric Keys, Public/Private Keys, Certificates, Templates, and Secret Data • Integrate and configure KMIP clients in applications such as databases, storage systems, and application servers • Establish and maintain TLS-secured connections (including mutual TLS and client certificates) between the KMS and KMIP clients

• Conduct comprehensive security and third-party risk assessments to ensure initiatives align with MFA policies, standards, and regulatory requirements, including HIPAA, HITRUST, HITECH, and other applicable healthcare regulations • Identify risks and recommend remediation strategies using risk-based prioritization, mitigating controls, and continuous improvement methodologies • Evaluate, develop, and recommend information security assessment tools, processes, and techniques • Develop and deliver HIPAA security training and awareness programs • Collaborate with internal stakeholders to identify, track, manage, and report security risks • Build, enhance, and support security operations capabilities, including monitoring and response • Develop, implement, and maintain security policies, standards, and procedures to support enterprise-wide risk mitigation • Contribute to and maintain best practices, methodologies, documentation, and templates • Support and coordinate compliance-focused programs and initiatives across the organization • Mentor and support team members on information security practices and standards • Support environments that include hybrid on-premises infrastructure, cloud platforms, and SaaS solutions • Participate in a 24x7 on-call rotation for Information Security • Perform other duties as assigned that are consistent with the role and organizational needs

• Du analysierst Kundenanforderungen im Bereich Daten- und Informationssicherheit, entwickelst maßgeschneiderte Lösungen mit Microsoft Purview und unterstützt als strategische r Sparringspartner in beim Aufbau langfristiger Data-Security-Strategien. • Heißt konkret: du berätst proaktiv, implementierst die Lösungen zusammen im Team und entwickelst konkrete Use Cases, um die Strategien praxisnah umzusetzen. • In Workshops und Trainings vermittelst du praxisnahes Wissen und zeigst unseren Kund:innen, wie z.B. GenAI, Copilot & Co. sicher mit Microsoft Purview abgesichert werden können. • Du beobachtest Markttrends, leitest daraus Use Cases und Business Cases ab und bringst neue Geschäftsmöglichkeiten aktiv in unser Setup ein. • Dabei lebst du ein echtes Presales-Mindset: Lösungen überzeugend präsentieren, positionieren und verkaufen – direkt beim Kunden, auf Events, Roundtables oder Bühnenauftritten. • Gleichzeitig unterstützt du dein Team als Mentor*in, teilst Wissen und förderst die Weiterentwicklung der Kolleg:innen.

• As part of a newly created staff unit, you will take on a key role as Information Security Officer in ensuring information security and will help us further develop and maintain our standards. • You will be responsible for establishing, managing and continuously advancing a company-wide IT security strategy. • You will position IT security as a competitive advantage for chargecloud in the SaaS market. • Develop and maintain a company-wide security strategy that meets our high standards and regulatory requirements. • Define and implement security principles, policies and standards that create a clear foundation for information security across the company. • Take technical responsibility for our Information Security Management System (ISMS) and its continuous improvement. • Support and prepare ISO 27001 audits, including creating the necessary documentation and reports. • Provide technical leadership and work closely with central IT, platform, cloud and engineering teams to translate security requirements into actionable technical measures. • Apply hands-on technical skills, e.g., in Identity & Access Management (IAM), CI/CD pipelines, and cloud and platform architectures to implement security solutions effectively. • Be responsible for compliance topics, particularly with regard to regulatory requirements.