Information Security & Compliance Lead (m/f/d)
LOCATION: Hamburg. (Hybrid remote possible)
START: Immediately. (Start: e.g. Jan/Feb 2026)
We are looking for an Information Security & Compliance Lead for our AI startup who can reliably manage data protection and security standards. You will ensure that we meet all regulatory requirements despite rapid growth—a challenging task in one of Germany’s leading AI startups.
About Blockbrain
For medium-sized companies, knowledge is the last real competitive lever. But information is stuck in tools, databases, and SharePoint folders—or disappears with experts who retire. Knowledge work processes remain manual, even though AI could deliver direct ROI here. And while IT is still planning, employees have long been using ChatGPT, Perplexity, Gemini, DeepSeek & Co – without control, without guidance, and sensitive data is flowing away.
Our mission: We elevate human knowledge with responsible AI.
With the Knowledge Bots platform, we create what companies really need: AI-supported knowledge management that can be implemented quickly, grows flexibly with the company, and functions compliantly across all processes, departments, and industries. Teams use our GenAI construction kit to build customized AI assistants, agents, and workflows in minutes—just like Lego.
Instead of standard solutions such as Copilot, which everyone uses and which offer no competitive advantage, companies are using their own knowledge and specific processes as a differentiator – enriched with internal and external data, without hundreds of vendor integrations. Everything on a central platform: no-code, enterprise-ready, seamlessly integrated into existing systems, and scalable via API.
What sets us apart:
- Strong growth momentum: Backed by strong VC funding, we are winning enterprise deals against MS Copilot, Perplexity, ChatGPT, Harvey & Co. – with the highest conversion and engagement rates in the industry.
- Category champions trust us: Roland Berger, EY, IONOS (consulting), Bardehle Pagenberg, SGP (legal), Bosch Rexroth, Motherson, Kärcher, Harting (industrial), Giesecke+Devrient, CHG Meridian, LBBW (finance), and many more.
- Experienced team with high talent density: Co-founder of Statista, Bosch executive, WHU, Antler, IBM, Amazon, Trumpf – experts in big data, process automation, B2B SaaS, generative AI, and cybersecurity. Agile builders at heart.
Website: www.theblockbrain.ai
Your role
As Information Security & Compliance Lead, you will play a central role in our company’s success. You will manage our ISMS in accordance with ISO 27001 and continuously develop it further. At the same time, you will use intelligent compliance strategies to ensure that we stay ahead of customer requirements. You will design security and data protection in such a way that they become our competitive advantages – exactly what is crucial in our growth phase.
Your responsibilities
ISMS Management & Compliance
- Further development and implementation of our ISMS in accordance with ISO 27001, ISO 42001
- Planning and conducting internal audits and coordinating external audits
- Identification and assessment of security risks
- Implementation and maintenance of security policies
- Ensuring GDPR compliance within the company
Supplier and customer management
- Conducting security due diligence on third-party providers and customers
- Review of data processing agreements (DPA)
- Processing compliance questionnaires and data protection requests
- Supporting the sales team with security-related issues
- Coordination with our external data protection officer
Security Awareness & Surveillance
- Conducting security awareness training
- Promotion of a security-conscious corporate culture
- Administration of our compliance platform (Vanta) for employee onboarding, trust center, risk register, action plans, vendor management, etc.
Your profile
Qualification
Technical
- Completed degree in computer science, cybersecurity, business informatics, or a comparable field of study
- At least 3-5 years of experience in information security management, ideally with reference to ISO 27001
- In-depth knowledge of the GDPR and its practical implementation
- Understanding of IT infrastructures and security architectures in B2B SaaS
- Experience with LLM/AI and the requirements of the EU AI Act (AI Regulation) is a significant advantage
- Certifications such as CISM, CISSP, or ISO 27001 Implementer/Auditor are an advantage
- Fluent written and spoken German and English
Personal
- Analytical mindset and structured way of working
- Pragmatic and strong in implementation
- Strong communication skills
- Independent and proactive work
- Ability to communicate complex security concepts in an understandable way
- Detail-oriented and reliable
What we offer
- Responsible position with considerable creative freedom
- Diverse tasks in a growing tech startup
- Flexible working model with remote options
- Flat hierarchies and direct communication channels
- International environment with regular team events
- Competitive compensation and rapid development opportunities
How to apply
Blockbrain is an equal opportunities employer. We celebrate diversity and are committed to an inclusive working environment.
