Information Security Officer - Frankfurt

Location: Frankfurt (Hybrid, 2–3 days per week onsite)

Reports to: Information Security Manager (UK)

Sector: Professional Services

Contract: Permanent

Overview

A leading Professional Services firm is expanding its global Information Security team and is seeking an experienced Information Security Officer to join its growing European security function.

This role is part of a global “follow-the-sun” model, working alongside security specialists based in the UK, Singapore, and New York. The position will be key to strengthening the organisation’s security posture, managing information security programmes, and ensuring compliance with international standards and regulations.

The ideal candidate will be a trusted advisor with a strong technical foundation, capable of managing security risks in a highly regulated, client-facing environment.

Key Responsibilities

• Act as a trusted advisor on information security matters, supporting business stakeholders across multiple regions.
• Deliver and maintain security programmes and processes to reduce information risk and strengthen the firm’s overall security posture.
• Monitor, measure, and report on the effectiveness of information security controls, identifying trends and recommending improvements.
• Conduct supply chain due-diligence assessments, manage the assessment platform, and coordinate with strategic sourcing and legal teams.
• Oversee and audit third-party IT service providers, ensuring compliance with security policies, monitoring access to systems and data, and identifying vulnerabilities.
• Support client and external audit responses, assisting the business development team with security components of RFPs and client pitches.
• Participate in penetration testing, internal investigations, and data discovery exercises in collaboration with Legal, HR, and Risk teams.
• Support the operation of the ISMS and help maintain ISO 27001 and Cyber Essentials certifications.
• Contribute to ongoing incident response and monitoring activities, ensuring timely action in line with the firm’s “follow-the-sun” coverage model.
• Collaborate with technology and data teams to ensure security best practices are embedded into system design and configuration.

Key Technologies & Tools

• Endpoint monitoring and incident response
• Microsoft Azure, Microsoft 365, Exchange Online, and Workday
• ServiceNow, Datadog, and automation/scripting tools

Profile & Requirements

• Degree in Computer Science, Information Security, or a related field, or equivalent professional experience.
• Minimum 5 years’ experience in information or cyber security roles within complex organisations.
• Relevant certifications such as CISSP, CISM, or CompTIA Security+ are required or highly desirable.
• Strong understanding of information security frameworks and regulations (e.g. ISO 27001, NIST, DORA).
• Proven experience working with or auditing third-party IT service providers or managed service environments.
• Excellent communication and stakeholder management skills — able to explain technical concepts clearly to non-technical audiences.
• High level of trust, confidentiality, and professionalism when handling sensitive data.
• Energetic, proactive, and comfortable working autonomously within a global, collaborative environment.

Additional Information

• This is an individual contributor (L3) role — a senior subject matter expert position with future growth potential as the European IT and Security team expands.
• Exposure to security audits, client interactions, and cross-regional collaboration will be key parts of the role.
• The firm operates a hybrid model (2–3 days per week onsite in Frankfurt) and offers opportunities for long-term career development within a growing global security function.