is a tech startup based in the industrial region of Ostwestfalen-Lippe in North Rhine-Westphalia, Germany.
We are on a mission to lead the generational shift in the service of industrial machinery and equipment. To achieve this, we are building the first AI-powered knowledge platform that enables companies – from medium-sized machine manufacturers to global enterprises – to pass on the expertise of today’s service specialists to the next generation.

We launched in early 2022 in our home region and have been growing rapidly on an international scale ever since.

What awaits you

findIQ is currently preparing for ISO 27001 certification and is looking for a driven and detail-oriented professional to actively support and shape this journey. In this initial phase, the focus will be on building, implementing, and formalizing our information security management system to ensure audit readiness.

Following the successful establishment of ISO 27001 structures, the role will gradually evolve into a broader IT Manager position. You will take on increasing responsibility for our IT landscape, business systems, and their continuous improvement, acting as a central interface between technical and business teams.

Your responsibilities:

Lead the end-to-end ISO 27001 certification process, including scoping, gap analysis, implementation, and audit preparation
Design, document, and implement the Information Security Management System (ISMS) in line with ISO 27001 requirements
Conduct and manage internal risk assessments, risk treatment plans, and Statement of Applicability (SoA)
Monitor regulatory and compliance landscape to ensure ongoing alignment with ISO 27001 and relevant data protection requirements (e.g., GDPR)
Maintain certification status through periodic surveillance and recertification audits
Define Business Continuity and Disaster Recovery (BC/DR) policies and procedures
Manage and administer corporate IT systems, including user provisioning, access management, and device management (Jamf pro platform)
Own identity and access management (IAM) — including onboarding and offboarding workflows, SSO, and MFA setup
Administer and maintain cloud environments, SaaS tools, and internal infrastructure (Microsoft 365 & Microsoft Azure Ecosystem like Microsoft Entra ID, Conditional Access, MS Defender, etc.)
Provide IT support and troubleshooting for internal team members
Establish and enforce data classification, handling, and retention policies
Manage backup and recovery systems, ensuring data integrity and availability
Evaluate, research and implement new IT tools and technologies as the organization scales
Assist the Head of Operations in documenting tools, processes, and workflows across business systems

Your profile

3+ years of experience in IT administration, IT security, or information security management roles
Experience writing shell scripts (Bash and PowerShell)
Proven experience leading or actively participating in an ISO 27001 certification project (hands-on ISMS implementation)
Solid understanding of ISO/IEC 27001 standard, controls, and audit requirements
Experience with risk assessment methodologies and security policy development
Proficiency with Microsoft 365 and the Microsoft Azure platform (esp. Microsoft Entra ID)
Strong knowledge of IAM, endpoint management, and network security fundamentals
Excellent documentation and technical writing skills
Strong communication skills in English (German is a plus)

Nice to Have

ISO 27001 Lead Implementer or Lead Auditor certification
CISSP, CISM, CompTIA Security+, or equivalent certifications
Experience with GDPR compliance in a B2B SaaS environment
Familiarity with SOC 2 or other security frameworks
Understanding of web-based APIs (like REST-APIs)
Background in a fast-growing startup or scale-up environment
Knowledge of DevSecOps practices and secure software development lifecycle (SDLC)

What we offer

An attractive salary: We offer fair compensation with performance-based components.

Trust: We give you what you need to become the best version of yourself.

Flexible working: We offer a hybrid model combining fixed office days with remote work.

A strong team: We work openly, appreciatively, and with genuine joy in what we are building together.

Individual development: We give you the chance to grow professionally and personally – including through paid training, coaching, and personal learning time.

Startup insights: You can expect close collaboration with and insights into the work of the founding team.

Additional benefits:
Up to 1 month of “work from anywhere” (in an EU country).
Workations and regular team events.
Educational leave (voluntary).
30 days of vacation.
Office pets (welcome by arrangement).
Charging stations for electric cars (at the Herford location).
Subsidies for further training and mobility.
Family-friendly working hours.
Diversity in action – be yourself. We are too.

Curious to learn more?

Then apply online now with your resume and relevant references.

Do you have any questions? Feel free to contact Senada directly at applications@findiq.de.

This position isn't quite right for you? We look forward to receiving your unsolicited application!

About us

findIQ is an innovative and fast-growing technology company from Germany that sees itself as a quality leader in knowledge transfer in machine service. With a novel approach, findIQ succeeds in preserving the experiential knowledge of service technicians and processing it intelligently to support the future generation of service providers - quickly, scalably, and with an eye to the future.

Join our team and help us shape the digital transformation of the industry!

Apply now

See more open positions at FINDIQ

Privacy policy Cookie policy