In German https://bit.ly/3Qqt0Q5> 

At PlayPlay, we empower teams to create powerful story telling via video at scale. Operating in a B2B environment with enterprise clients who demand the highest security standards, we handle sensitive brand assets and data that require enterprise-grade protection. We're seeking a security-first leader to elevate our security posture while managing our infrastructure foundation.

Reporting to the CTO, you'll lead our Security and Infrastructure teams (4-5 engineers), with a primary focus on building a world-class security organization. You'll be responsible for our overall security strategy, governance framework, and risk management program while ensuring our infrastructure supports these security requirements.

Your Role: Impact, Ownership, Innovation

As Head of Security and Infrastructure, you will:

Security Leadership - 70% of focus

Security Strategy & Governance

• Maintain and improve our comprehensive security governance framework aligned with industry standards such as the ISO 27001

• Develop and maintain security policies, standards, and procedures

• Lead security awareness and training programs across the organization

• Drive the security certification roadmap - SOC 2, ISO 27001

• Define and track security metrics and KPIs

Risk Management & Compliance

• Maintain an enterprise-wide security risk management framework

• Lead threat modeling and risk assessments for new features and architectures

• Ensure compliance with data protection regulations (GDPR, CCPA) and participate to Data Privacy group

• Partner with Legal on security and privacy compliance matters

Security Operations & Monitoring

• Design and implement a Security monitoring strategy

• Establish security detection rules and alerting

• Oversee vulnerability management and bug bounty programs

• Lead security incident response

Security Business Partner

• Lead security discussions with enterprise clients including security aspects of client contracts and security questionnaires

• Build relationships with client security teams

Infrastructure Leadership - 30% of focus

Cloud & Infrastructure

• Leverage DevOps expertise to design a secure cloud infrastructure following zero-trust principles

• Implement infrastructure security controls and monitoring

• Oversee identity and access management (IAM) strategy

Infrastructure Operations

• Guide infrastructure automation and IaC practices

• Oversee disaster recovery and business continuity planning

• Optimize infrastructure costs while maintaining security requirements

Senior Technical leadership

• Lead, mentor, and support growth of your engineers

• Shape the Roadmap: Collaborate with Tech Leads to design, propose, and execute an 18-month strategic roadmaps for security and infrastructure initiatives

• Collaborate with other engineering leaders to align infrastructure capabilities with product needs

• Bugdet: Own the infrastructure and security budgets, making strategic decisions about tooling and resources

• Nurture a Positive Environment: Build a cohesive, collaborative, and positive team culture where everyone feels valued, supported, and empowered to excel.

What We’re Looking For:

• 5+ years of experience in security and infrastructure engineering including 2+ years of engineering management

• Security - Solid knowledge of Security frameworks (ISO 27001, , EBIOS-RM), Risk management methodologies & Security Governance routines, Cloud security best practices, Compliance frameworks (GDPR), Security tools and technologies (SIEM, EDR, WAF)

• Knowledge of Infrastructure as Code, Container security, Network security, API security, CI/CD security integration

• Solid communication skills and ability to explain complex technical concepts in both english and french

You’ll Stand Out If:

• You have a solid knowledge of security & technical culture regarding infrastructure including CISSP, CISM, or equivalent security certifications and a background in B2B SaaS security

• You’re passionate about mentoring and growing engineering talent, from junior engineers to staff engineers.

• You’re great at communicating complex topics to any audience - Executives, Clients, Engineers, Sales…

• You have experience with large-scale cloud-based infrastructure and security policies at big corporates.

• You’re hands-on when needed, balancing leadership with technical insight.