InfoSec Lead (m/f/d)

Permanent employee, Full-time · Berlin, Munich

About Us

STARK is a new kind of defence technology company revolutionizing the way autonomous systems are deployed across multiple domains. We design, develop and manufacture high performance unmanned systems that are software-defined, mass-scalable, and cost effective. This provides our operators with a decisive edge in highly contested environments.
We’re focused on delivering deployable, high-performance systems—not future promises. In a time of rising threats, STARK is bolstering the technological edge of NATO Allies and their Partners to deter aggression and defend Europe—today.

Your mission

As the Information Security Lead, you will spearhead STARK Defence’s security strategy, ensuring robust protection of sensitive data, infrastructure, and intellectual property. You will be the key advisor on all matters of cybersecurity, driving both strategic initiatives and hands-on practices to maintain compliance with international standards and government regulations.

Responsibilities

Develop and implement the company-wide information security strategy, policies, and governance frameworks
Lead risk assessments and threat modeling for systems, applications, and infrastructure
Define and oversee security requirements in product development and internal IT processes
Collaborate with engineering, IT, and compliance teams to ensure secure design and deployment practices
Monitor, detect, and respond to security incidents, leading investigations and reporting findings to leadership
Ensure compliance with relevant frameworks (e.g., ISO 27001, NIST, GDPR, military security standards)
Manage external vendors and partners related to penetration testing, audits, and certifications
Educate and train employees on cybersecurity awareness and best practices
Report regularly to senior leadership on risk posture, incident response, and mitigation strategies

Qualifications

Proven experience (5+ years) in information security, cybersecurity, or related fields
Strong knowledge of security standards, frameworks, and best practices (e.g., ISO 27001, NIST, OWASP)
Hands-on experience with risk assessments, vulnerability management, and security audits
Familiarity with secure product development in hardware/software systems, preferably in defence or critical infrastructure sectors
Strong understanding of data privacy regulations (e.g., GDPR) and export control regulations
Excellent communication skills to engage with technical and non-technical stakeholders
Relevant certifications (e.g., CISSP, CISM, CEH, ISO 27001 Lead Implementer) are a plus
Fluency in English; German language skills are an advantage

What we offer:

A meaningful role in a high-impact, mission-driven environment
Opportunities for professional development and certification
Working at the forefront of defence technology alongside passionate experts

Apply for this job

About us

LEGAL DISCLAIMER

We are an equal-opportunity employer committed to fostering a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or any other characteristic protected by law. Due to the nature of our work in the defense sector, candidates must be eligible to obtain and maintain the appropriate security clearance required for the position.

Apply for this job

We are looking forward to hearing from you!

Thank you for your interest in STARK. Please fill out the following short form. Should you have difficulties with the upload of your data, please contact our recruiting team.