Manager Information Security / Stv. VS-IT-Beauftragter

Who we are Helsing is a defence AI company. Our mission is to protect our democracies. We aim to achieve technological leadership, so that open societies can continue to make sovereign decisions and control their ethical standards.   As democracies, we believe we have a special responsibility to be thoughtful about the development and deployment of powerful technologies like AI. We take this responsibility seriously.   We are an ambitious and committed team of engineers, AI specialists and customer-facing programme managers.  We are looking for mission-driven people to join our European teams – and apply their skills to solve the most complex and impactful problems. We embrace an open and transparent culture that welcomes healthy debates on the use of technology in defence, its benefits, and its ethical implications.   The role This is a rare opportunity to play a pivotal role at the intersection of cutting- edge defence technology and classified information security, working on some of the most sensitive and strategically significant programs in Europe. You will take ownership of a live, scaling ISMS — helping to export and embed ISO 27001 and BSI IT-Grundschutz frameworks across multiple countries and entities — while simultaneously contributing to the build- out of a NATO Classified Infrastructure and a next-generation Cyber SOC. No two days will look the same: from consulting delivery teams on security concepts and driving audit readiness, to shaping incident management procedures across a rapidly growing international organisation. If you thrive in high -tempo, high -stakes environments and want your work to genuinely matter at a national and alliance level, this role was built for you. The day-to-day Take ownership of the day-to-day management and continuous improvement of the ISMS, ensuring frameworks remain audit- ready and aligned with ISO 27001 and BSI IT-Grundschutz requirements across Germany and international entities including the UK, France, and beyond. Act as a trusted security advisor to delivery teams across a portfolio of high-priority defence programs, consulting on the implementation and documentation of security concepts and ensuring compliance with VS-NfD operational requirements. Drive the planning, coordination, and execution of internal and external audits, as well as penetration testing activities, managing findings through to resolution and maintaining a culture of continuous security improvement. Contribute directly to the design and establishment of a foundational NATO Classified Infrastructure, navigating the complex compliance and accreditation requirements this entails alongside existing national commitments. Support the build-out of the Cyber SOC, helping to define processes, tooling, and operational procedures that will form the backbone of the organisation's detection and response capability. Develop, implement, and refine Incident Management procedures, ensuring the organisation is prepared to respond swiftly and effectively to security events across classified and unclassified environments. Participate in on-call rotations with a minimum commitment of one week per month, providing out-of-hours security support and incident response coverage as the organisation scales across multiple international locations. You should apply if you Have 2–4 years of hands-on experience in Information Security or IT Security within NATO, EU, or German national classified environments, and are ready to take that expertise to the next level in a fast-moving, high-stakes setting. Hold expert-level knowledge of ISO 27001 and BSI IT-Grundschutz and have practical experience implementing, managing, or auditing these frameworks — not just understanding them in theory. Are deeply familiar with VS-IT systems, accreditation processes, and the compliance demands of classified networks, and can hit the ground running without extensive onboarding. Thrive in environments where no two days are the same — equally comfortable advising engineers on security concepts in the morning and preparing audit documentation in the afternoon. Have a solid grasp of core security technologies including SIEM, PKI, IDS/IPS, and cryptographic systems, and understand how these operate within classified and defence - grade environments. Are excited by the prospect of building something — whether that is a Cyber SOC, a NATO infrastructure, or an internationally scalable ISMS — and want to leave a tangible mark on an organisation at a defining moment in its growth. Hold an active German security clearance at Ü2/Ü3 level, or are fully eligible and willing to undergo formal vetting in accordance with the SÜG, and understand that operating in this space comes with a responsibility that you take seriously. Note: We operate in an industry where women, as well as other minority groups, are systematically   under-represented. We encourage you to apply even