InformationSecurityAnalyst-M&AIntegration

Location: Come and join us in Hamburg! We are looking for a Information Security Analyst for M&A Integration, who will be responsible for safeguarding the organization’s digital assets and reputation during corporate growth initiatives. By conducting rigorous pre-acquisition due diligence and leading the complex post-merger technical integration, this role ensures that new entities are seamlessly and securely onboarded into the corporate environment. The primary objective is to bridge the gap between a target company's current security state and our ISO 27001 standards, mitigating "hidden" technical debt and preventing security regressions during transitions. YOUR DAILY ADVENTURES WILL INCLUDE: End-to-End Due Diligence: Execute comprehensive security risk assessments of target companies, evaluating their technical stack, data privacy controls, and historical breach records to inform deal valuation. ISO 27001 Standardization: Map the security controls of acquired companies (especially non-certified smaller entities) against our ISO 27001 framework and develop prioritized remediation plans. Integration Project Management: Lead the technical migration of identity providers, endpoint management, and cloud environments to ensure a unified security perimeter post-close. Access & Asset Governance: Manage the secure consolidation of "Shadow IT" and legacy systems from the acquired company, ensuring all hardware and software are accounted for in the master inventory. Security Posture Validation: Conduct post-integration penetration testing and vulnerability scans to verify that the merger has not introduced new weaknesses into the parent organization. Communication: Executive Reporting: Translate technical vulnerabilities and integration hurdles into clear, risk-based business language for the M&A steering committee and C-suite. Cross-Functional Liaison: Act as the primary security point of contact between Legal, IT, HR, and Development to ensure security requirements are ba