Job Description

team.blue is an ecosystem of successful brands working together across regions to provide customers with everything they need to succeed online. 60+ successful brands make up the group; with a team of 4,200 experts serving its 3,3 million customers across Europe and beyond.

team.blue's brands are a mix of traditional hosting businesses, offering services from domain names, email, shared hosting, e-commerce and server hosting solutions and specialist SaaS providers offering adjacent products such as compliance, marketing tools and team collaboration products. This broad product offering makes it a one-stop partner for online businesses and entrepreneurs across Europe.

You will lead security across team.blue Nordics & CEE: six entities operating in Slovakia, Hungary, Serbia, Czech Republic, Sweden and Finland, with approximately 300 staff.

This is a hands-on role. We expect roughly two-thirds of your time on practical NIS2 transposition and ISMS implementation across the entities, working directly with operations and software engineering teams. The remaining third covers the broader Regional CISO mandate: regulator engagement, awareness, incident response, and risk management. In the future external audits and certifications, this is why good collaboration and communication skills are key for you to succeed.

Beyond the regional remit, you will participate in group-wide security work from day one through standards implementation and shared programmes. As the NIS2 programme stabilises, the role will increasingly take on group security projects and cross-regional responsibilities alongside the other Regional CISOs.

You will work from our Bratislava office where most of the teams you will be collaborating with reside. You will reference the Group CISO Jakob Schwartz and be part of the Security Management team which consists of regional CISOs from the rest of team.blue’s entities across Europe.

Your Responsibilities

NIS2 and regulatory implementation (priority focus):

• Translate NIS2 obligations into practical controls, processes, and documentation across the six entities, including the differences in national transposition (CZ, SK, HU, SE, FI) and the Serbian Law on Information Security regime

• Work directly with operations and software engineering teams to embed security requirements into our infrastructure and software

• Manage contact with competent authorities (NÚKIB, NBÚ, SZTFH, MSB, Traficom, and equivalents) and lead notifications and audits, in collaboration with Group Privacy Counsel where GDPR overlaps

ISMS and compliance:

• Implement and operate the ISMS based on ISO 27001, translating standards into internal policies in collaboration with the business

• Manage external audits and certifications across the region

• Coordinate external security tests: scoping, assessment, and follow-up

• Conduct risk assessments and track remediation through to closure

Security operations and culture:

• Manage security incidents in collaboration with Operations

• Run incident response drills and convert lessons learned into improvements

• Own regional security awareness and training delivery

Group standards and contribution:

• Implement group security standards, policies, and tooling in the regional context, and contribute to their evolution as part of the Security Management team

• Participate in group-wide security projects and initiatives, taking on broader responsibilities as the NIS2 programme matures

• Share regional insights, threats, and lessons learned across the wider security function

You will be responsible for security implementation in the Nordics and CEE, but you will also be involved in security activities across the team.blue group across Europe.

Professionally, we expect you to have

• Minimum 7 years of experience with IT security

• Proven experience with maintaining and implementing ISO 27001

• Knowledge of security standards such as CIS Controls, NIST, etc

• Can communicate clearly in written and spoken English

It is a plus if you have

• Experience with legislation such as NIS2, GDPR

• One or more certifications, such as CISSP, ISACA CISM, ISO 27001 LI or similar

• A technical background in system administration or software development.

You'll Thrive in This Role If You:

• Move comfortably between policy, regulator engagement, and operational implementation in the same week

• Like getting things done in messy, multi-entity environments where templates only get you so far

• Can hold structure and detail across parallel streams without losing the thread

• Want to grow your remit over time from regional implementation into broader group security impact

"Come as you are"

Everyone is welcome here. Diversity & Inclusion are at our core. Far above any technical competence, we value respect, openness, and trusted collaboration. We do not tolerate intolerance.

Right to work

At any stage, please be prepared to provide proof of eligibility to work in the European country you are applying for. Unfortunately, we are unable to support Sponsorship Visas

ESG

At team.blue, our commitment to caring for the environment and each other is at the heart of everything we do. Our latest impact report showcases our ongoing ESG efforts and ambitious sustainability goals. Interested in learning more about our dedication to making a positive impact? Check it out here

Work location:
Websupport, s.r.o - Karadžičova 12, 821 08 Bratislava, Slovakia