Senior Cyber Security Manager (f/m/div.)
Keenfinity Group’s Audio business combines decades of engineering expertise with a portfolio of globally trusted brands including Electro-Voice, Dynacord and Telex that power communication, collaboration and live experiences around the world.
Our solutions cover professional loudspeaker systems, installed and portable sound, conferencing systems, broadcast and production intercom, as well as certified public address and voice alarm systems for life-safety applications.
From event stages, hospitality and conference venues to government institutions, transportation hubs, or industrial facilities, our professional sound and critical communication solutions help people be heard clearly, collaborate effectively, and communicate reliably when it matters most.
Alongside our passion for technology, we’re very passionate about our work environment. Based on values such as trust, appreciation, and accountability, we all work together to shape the future – boldly, customer-focused and with a strong team spirit!
As a Senior Cyber Security Manager, you will define, implement and enforce security standards across our modern, API-driven digital landscape. This role ensures the protection of our commercial platforms (esp. Salesforce, frontend, portal, integrations) while enabling speed and scalability in a fast-paced, resource-conscious environment where you'll need to balance multiple priorities.
Operating within a federated CISO model and the First Line of Defence, you will act as the primary security interface between the Audio business unit and the central CISO Office, and the central authority for cyber security across the Audio business unit's IT landscape, balancing risk mitigation with business agility and ensuring compliance with relevant regulatory frameworks (NIS2, GDPR, ISO 27001, and DORA where applicable).
Security Strategy & Governance
Definition and implementation of a lean, risk-based cyber security strategy aligned with business priorities
Adoption of security policies, standards, and controls across all digital platforms (CRM, frontend, APIs, ERP, MDM)
Ownership of identity & access management strategy (SSO, RBAC, least privilege)
Architecture & Platform Security
Close collaboration with the E2E IT Architect to embed security into architecture design (secure-by-design)
Definition of security requirements for API-first and headless architecture (OAuth2, OIDC, token-based security)
Ensuring secure integration patterns across Salesforce, portal, iPaaS, and backend systems
Risk, Compliance & Operational Security
Execution of risk assessments, vulnerability management, and penetration testing coordination
Ownership of monitoring, alerting, and incident response — acting as escalation point for security incidents and breaches
Ensuring compliance with, for example, GDPR, NIS2 and ISO 27001, as well as internal audit requirements; defining data protection and classification standards
Governance & Reporting
Regular reporting to leadership on security risks, compliance status, and security KPIs/KRIs
Participation in security governance boards and risk & compliance forums; escalation of critical risks to the central CISO Office
Ensuring lessons learned from incidents are translated into improvements
Vendor & Stakeholder Management
Security governance for external partners (Salesforce, implementation partners, SaaS vendors)
Definition of security requirements in contracts, DPAs, and architecture decisions
Acting as trusted security partner to business leadership — translating security policies into business-relevant requirements and aligning security priorities with business objectives and risk appetite
Education: Degree in Cyber Security, Information Security, Computer Science, or related field
Experience and Know-how: 7+ years in cyber security roles within modern cloud and SaaS environments; experience securing API-first architectures and enterprise SaaS platforms; experience working in cross-functional teams alongside architects, engineering, and business stakeholders. Hands-on experience with cloud security (AWS/Azure) and enterprise SaaS platforms, with deep knowledge of Salesforce security models. Strong understanding of OAuth2/OIDC, API gateway security, and securing integration layers (iPaaS, headless architecture). Working knowledge of ISO 27001, NIST CSF, NIS2, and GDPR, plus familiarity with risk frameworks (e.g. ISO 27005, FAIR) — able to translate framework requirements into pragmatic controls.
Nice to have: Security certifications (e.g., CISSP, CISM, CISSP-ISSAP, AWS Certified Security – Specialty); experience contributing to large-scale technology transformation programmes (e.g., SAP/cloud migration, ERP rollouts, post-M&A integration)
Personality and Working Style: Pragmatic, risk-based judgement; able to balance security rigour with business enablement; comfortable navigating ambiguity in a fast-moving environment
Languages: Fluent English (written and spoken) required; working German preferred.
This position can also be filled at the Straubing or Ovar locations.
At Keenfinity we don’t just build innovative solutions — we shape a smarter, more connected world through technology.
We value different backgrounds, ideas, and experiences and we’re committed to growing, learning, and celebrating success as one team. Everyone is welcome here — we foster an environment where everyone is respected, valued, and encouraged to be their authentic self.
Keenfinity is an equal opportunity employer, offering equal opportunities for all. We welcome applications from people with disabilities and can offer support, if needed. When everyone has a chance to contribute, we all do better.
Questions about the application process?
Sarah Wurm (Human Resources)
sarah.wurm@keenfinity-group.com