Information Security Analyst - M&A Integration

<div class="page"> <div class="layoutArea"> <div class="column"> <div class="page"> <div class="layoutArea"> <div class="column"> <p><strong><em>Location</em></strong><em>: Come and join us in Hamburg!</em></p> <p>We are looking for a Information Security Analyst for M&amp;A Integration, who will be responsible for safeguarding the organization’s digital assets and reputation during corporate growth initiatives. By conducting rigorous pre-acquisition due diligence and leading the complex post-merger technical integration, this role ensures that new entities are seamlessly and securely onboarded into the corporate environment. The primary objective is to bridge the gap between a target company's current security state and our&nbsp;<strong>ISO 27001</strong> standards, mitigating "hidden" technical debt and preventing security regressions during transitions.</p> <hr> <h2><strong>YOUR DAILY ADVENTURES WILL INCLUDE:</strong></h2> <ul> <li><strong>End-to-End Due Diligence:</strong> Execute comprehensive security risk assessments of target companies, evaluating their technical stack, data privacy controls, and historical breach records to inform deal valuation.</li> <li><strong>ISO 27001 Standardization:</strong> Map the security controls of acquired companies (especially non-certified smaller entities) against our <strong>ISO 27001</strong> framework and develop prioritized remediation plans.</li> <li><strong>Integration Project Management:</strong> Lead the technical migration of identity providers, endpoint management, and cloud environments to ensure a unified security perimeter post-close.</li> <li><strong>Access &amp; Asset Governance:</strong> Manage the secure consolidation of "Shadow IT" and legacy systems from the acquired company, ensuring all hardware and software are accounted for in the master inventory.</li> <li><strong>Security Posture Validation:</strong> Conduct post-integration penetration testing and vulnerability scans to verify that the merger has not introduced new weaknesses into the parent organization.</li> </ul> <p><strong>Communication:</strong></p> <ul> <li><strong>Executive Reporting:</strong> Translate technical vulnerabilities and integration hurdles into clear, risk-based business language for the M&amp;A steering committee and C-suite.</li> <li><strong>Cross-Functional Liaison:</strong> Act as the primary security point of contact between Legal, IT, HR, and Development to ensure security requirements are baked into the overall integration timeline.</li> <li><strong>Cultural Integration:</strong> Facilitate workshops and training for the acquired company’s staff to build rapport and educate them on our security culture and compliance obligations by using our existing training material.</li> <li><strong>Vendor &amp; Third-Party Management:</strong> Coordinate with external auditors and service providers of the acquired entity to manage contract transitions or service terminations.</li> </ul> <p><strong>Innovation:</strong></p> <ul> <li><strong>Playbook Development:</strong> Design and continuously refine a scalable M&amp;A "Security Integration Playbook" that utilizes automation to speed up the discovery and assessment phases.</li> <li><strong>Tooling Optimization:</strong> Evaluate and implement specialized M&amp;A discovery tools or scripts that can quickly audit the security posture of unknown networks with minimal disruption.</li> <li><strong>Adaptive Security Frameworks:</strong> Develop flexible security "on-ramps" that allow smaller, high-growth startups to integrate quickly without the immediate burden of full certification, while maintaining strict risk boundaries.</li> <li><strong>Process Automation:</strong> Identify opportunities to automate the synchronization of user identities and policy deployments across disparate systems during the "Day 1" transition.</li> </ul> <hr> <h2><strong>TO BE SUCCESSFUL IN THIS ROLE:</strong></h2> <ul> <li><strong>Framework Expertise:</strong> Advanced knowledge of <strong>ISO/IEC 27001</strong> and <strong>GDPR</strong> is preferred. Alternative knowledge of NIST and SOC2 could be helpful.</li> <li><strong>M&amp;A Lifecycle Fluency:</strong> Experience navigating the specific phases of a deal, from initial "clean room" data analysis to long-term post-merger synergy realization would be beneficial.</li> <li><strong>Technical Proficiency:</strong> Strong grasp of cloud architecture (AWS), Zero Trust Network Access (ZTNA), and modern IAM solutions (e.g., Okta, SAML).</li> <li><strong>Strategic Problem Solving:</strong> The ability to find creative security solutions when dealing with legacy technology or "unmanaged" environments typical of smaller startup acquisitions.</li> <li><strong>Change Management:</strong> Proficiency in leading organizational change and influencing technical teams over whom you may not have direct hierarchical authority.</li> </ul> <hr> <h2><strong>BENEFITS &amp; PERKS IN A NUTSHELL:</strong></h2> <table> <tbody> <tr> <td> <ul> <li>Flexible working arrangements</li> </ul> </td> <td> <ul> <li>LinkedIn Learning</li> </ul> </td> </tr> <tr> <td> <ul> <li>Sabbatical &amp; special leave policies</li> </ul> </td> <td> <ul> <li>WeRoad partnership</li> </ul> </td> </tr> <tr> <td> <ul> <li>Birthday, 24th + 31st December off</li> </ul> </td> <td> <ul> <li>Short term EU work policy</li> </ul> </td> </tr> <tr> <td> <ul> <li>Mobility Credit</li> </ul> </td> <td> <ul> <li>Health Insurance</li> </ul> </td> </tr> <tr> <td> <ul> <li>Employee assistance program</li> </ul> </td> <td>&nbsp;</td> </tr> </tbody> </table> <hr> <h2><strong>DIVERSITY, EQUITY &amp; INCLUSION:</strong></h2> <p><span style="font-weight: 400;">FREE NOW is an equal opportunity employer and we consider qualified applicants regardless of race, religion, national origin, gender, gender identity, sexual orientation, disability or age.</span><span style="font-weight: 400;"><br></span><span style="font-weight: 400;"> We want you to grow and evolve,</span><a href="https://www.youtube.com/watch?v=dOUL_n8pSGQ"><span style="font-weight: 400;"> </span><span style="font-weight: 400;">bring your true self to work</span></a><span style="font-weight: 400;">.</span></p> <hr> <h2><strong>ABOUT US:</strong></h2> <p>Freenow by Lyft empowers smarter mobility decisions, helping people to move freely and cities to thrive. Through our multi-mobility app, we feature broad options for everyone across 9 European markets and over 180 cities. Millions of passengers can access services including taxis, private hire vehicles, carsharing, car rental, e-scooters, e-bikes, e-mopeds, and public transport within a single app.&nbsp;</p> <p>In July 2025 Freenow was acquired by Lyft, a global mobility platform, which connects riders and drivers for billions of rides across North America and Europe. Together, Freenow and Lyft are creating a more caring and connected world, with transportation for everyone. We are a global, diverse, highly motivated, and collaborative team that strives for excellence and likes to have fun. Ready for your next ride?</p> <p>&nbsp;</p> </div> </div> </div> </div> </div> </div>