Head of Information Security - Hybrid Work

Security used to be something you proved once a year. Today, it’s something you prove every single day.

At Alma Career, we’re building security as a real operational capability — embedded into product development, engineering, governance, and decision-making across our organization.

Over the past year, we have invested significantly in building the foundation of our Information Security Management System (ISMS). We have created our ISMS Manual, established core governance structures, and started practical implementation together with pilot teams inside our product development organization.

Now we’re looking for a Head of Information Security who can help turn that foundation into a living, scalable security operating model.

Our product development organization consists of approximately 200 people, including more than 100 engineers building products used by millions of people every month across 10 countries. Security and trust are core pillars in our company strategy — and we believe their importance will only grow in the AI-driven future ahead of us.

The role of marketplaces, recruitment platforms, and digital work-life ecosystems will continue to evolve rapidly in the years ahead. But one thing is clear: security, privacy, resilience, and trust will become even more critical differentiators for successful digital products.

This role sits right at the centre of that transformation.

You will work closely with our product development organization because the outputs of engineering are the most visible — and most exposed — part of our security landscape. We are already piloting ISMS implementation with one of our most critical product teams, and we want to expand practical, engineering-focused security capabilities across the organization in a pragmatic and scalable way.

We are not looking for someone who builds security theatre or paperwork for auditors.

We are looking for someone who can:

• work closely with engineers and product teams
• translate security and regulatory requirements into practical operating models
• improve security visibility and resilience in everyday development work
• balance governance with execution
• help make security part of how products are built — not something added afterwards

If that sounds like the kind of challenge you want to own, keep reading.

What you’ll be doing

You’ll be the driving force behind our ISMS, making sure it’s not just documented, but actively embedded into how we operate.

In practice, that means you will:

• Drive collaboration between security, product development, business, and compliance stakeholders
• Lead the implementation and continuous improvement of our ISMS across the organization
• Turn strategic goals into clear, actionable security plans
• Build clear, usable security documentation and support customer security and compliance inquiries
• Improve practical security capabilities across engineering and product development
• Champion a “security by design” mindset
• Translate regulatory and compliance requirements into practical operational controls
• Lead and support our Information Security team while helping shape security capabilities across the organization
• Report directly to the Technology Director and contribute as a member of the Technology Management Team

What you bring

You understand that modern security is built together with engineering — not added afterwards.

You know how to balance governance, product development, and operational reality. You’re comfortable discussing risk with leadership, but also working directly with engineers, architects, and product teams to improve how security works in practice.

We’re looking for someone who brings experience in several of the following areas — and who is excited to keep growing across the rest:

• Experience implementing and operating ISO 27001-based security practices (or similar frameworks) in real-world product or technology organizations
• Strong understanding of modern product and engineering environments, including secure development practices, vulnerability management, and cloud-based services
• Hands-on experience working with development teams on topics like dependency management, application security, penetration testing, and security tooling
• Understanding of regulatory and compliance frameworks such as GDPR, NIS2, DORA, and how to translate them into practical operational controls
• Experience building or improving ISMS and security governance models that support everyday development work — not just audits
• Ability to create documentation that is clear, usable, and grounded in operational reality
• Interest or experience in AI-assisted tooling, automation, and the security implications of AI-driven product development
• Excellent communication skills — you can explain technical and security concepts clearly to both engineers and business stakeholders
• Fluent English

How you work

• You translate strategy into action (and follow through)
• You collaborate easily across teams, regions, and roles
• You believe security should enable business, not block it
• You’re pragmatic: you deliver what works, not what looks perfect on paper
• You’re honest about risks and gaps—and proactive about solving them

Why join us

At Alma Career, security is not just a compliance exercise — it’s a core part of how we build products and relationships. Your work will directly shape how we operate, how we grow, and how we’re trusted by customers across multiple markets.

Success in this role means making security part of everyday engineering and business decisions — not creating parallel bureaucracy.

The task is simple: Make our security provable, sustainable, and embedded everywhere.

No pressure. (Okay, maybe a little—but the good kind.) 😉

What else will make you happy with us

Impact & growth

• Salary range: 115 000 - 130 000 CZK/month, depending on your experience and seniority.
• You’ll play a key role in turning security from a documented framework into a living operating model embedded in everyday product and engineering work.
• You’ll help define what practical, modern security looks like in an AI-driven product organization — with real influence on engineering practices, governance, and long-term resilience.
• Access to internal and external courses and conferences, plus free access to Seduo — our own learning platform full of development opportunities.

Time & flexibility

• 5 weeks of vacation
• Unlimited “Happy Days” — extra days off you can use anytime (for appointments, errands, volunteering, or simply because it’s a beautiful day outside)
• Flexible working hours and home office Flexible working hours and a hybrid work setup, with the option to split your time between remote work and one of our offices in Prague, Brno, or Ostrava.
• A mobile tariff with 100 GB of data to make remote work and online meetings seamless

Health & wellbeing

• Mental health support through Hedepy (online sessions with a psychologist/therapist)
• Multisport card contribution (250 CZK) + option for accompanying adult and children’s cards
• Support during long-term illness

Everyday perks

• Cafeteria credit and meal vouchers
• Afternoon snacks twice a week and a fresh vitamin boost every Wednesday
• A Freshpoint fridge with a 20% company contribution
• A tea room with some of the best teas from across Asia
• Various partner discounts (e.g., leasing, Smarty.cz, Interhome, and more)

And what truly makes the difference?

It’s the people.

At Alma Career, you’ll find a friendly and respectful culture where you can be yourself. We care about meaningful work — what we build helps shape the world of work for millions of people. And we believe growth happens together: by sharing ideas, challenging each other, and supporting one another.

Courage grows together.

If you’re curious, you can also check what our colleagues say about us on Atmoskop.cz

We hope that we`ve sparked your interest... So, if you’re ready to build something meaningful and influence how security works at scale, we’d love to hear from you.