The PSI Group develops software products for optimizing the flow of energy and materials for utilities and industry. As an independent software producer with more than 2,300 employees, PSI has been a technology leader since 1969 for process control systems that ensure sustainable energy supply, production and logistics by combining AI methods with industrially proven optimization methods. The innovative industry products can be operated on-premises or in the cloud.

We are seeking an experienced and forward-thinking (Senior) Information Security Manager (f/m/d) to join our team at PSI. In this central role, you will help shape and implement our company-wide information security strategy, continuously enhance our ISMS, and collaborate with stakeholders across all levels to ensure compliance with international standards and regulatory requirements. If you are looking to make a strategic impact in a technically driven environment, we look forward to hearing from you.

Your Tasks

- Drive and further develop PSI's information security strategy
- Enhance and maintain our ISMS in a practical and sustainable way
- Create and improve security policies, processes, and frameworks
- Manage InfoSec requirements (e.g. ISO 27001, NIST CSF, KRITIS)
- Support security reviews, risk assessments, and maturity reporting
- Identify, evaluate, and manage information security risks
- Collaborate with stakeholders across business units and roles
- Contribute to vendor/product assessments and due diligence
- Support audit preparation (e.g. ISO 27001, TISAX)
- Promote a strong security and compliance culture
- Assist in incident management and knowledge sharing

Your Profile

- Strong knowledge of ISMS (ISO 27001, NIST, etc.)
- Experience in security governance, policy and process design
- Strategic mindset and understanding of risk management
- Familiarity with cloud security (GCP, Office 365)
- Analytical, structured, and solution-oriented thinking
- Ownership mentality and proactive work approach
- Understanding of agile and lean practices
- Excellent communication skills in English (German a plus)
- Bonus: GDPR/CCPA knowledge, certifications (e.g. CISM, ISO LA), cloud or privacy certs