Stellenbeschreibung People. Passion. Possibilities. Three words that make a world of difference. More than a job. It's a chance to make a real difference. Welcome to AbbVie! As part of an international company with 48,000 employees worldwide and around 3,000 employees in Germany, you will have the opportunity of addressing some of tomorrows unmet medical needs in close collaboration with your colleagues. Are you passionate about improving global health care? Do you want to contribute to improving patients' quality of life through your expertise? In a challenging work environment that offers opportunities of developing and increasing your own skills? Youve come to the right place! Together, we break through – as Regional Information Security Manager (all genders) The AbbVie Regional Information Security Manager (RISM) EMEA (all genders), is responsible for strengthening AbbVie's information security posture within the EMEA region. This role is a main point of contact for information security and risk management in EMEA, ensuring strategic alignment with global frameworks and integrating robust governance structures. RISM works closely with affiliates, commercial teams, R&D, manufacturing, and regional leadership to build trusted partnerships, ensuring that security strategies and controls align with business objectives, regulatory requirements, and evolving threats. The RISM EMEA is dedicated to instilling a culture of cybersecurity across the AbbVie organization. Make your mark: Security Leadership & Culture Act as the primary liaison for information security and risk management across EMEA. Instill a culture of cybersecurity through ongoing engagement, awareness, and tailored communications, targeting all levels of personnel. Develop strong, trust-based relationships with business leaders and affiliates in EMEA, ensuring security strategies align with local goals. Security Governance Support and enforce information security governance frameworks, policies, and standards tailored to EMEA operations and affiliates. Continuously review and enhance regional security reporting metrics, providing clear value and insights to business and technical stakeholders. Risk and Compliance Contribute EMEA-specific inputs to risk assessments in partnership with global GRC and vulnerability management teams. Engage with local regulatory bodies, compliance, and legal teams to monitor and support evolving legal and compliance needs. Work in line with NIS2 guidance, GDPR and local data protection laws, contributing to the development and communication of security policies, procedures, processes, and regional plans to help establish the security baseline across our affiliates in EMEA. Stakeholder Engagement Serve as the trusted information security advisor to EMEA BTS, legal, HR, and manufacturing leadership, and facilitate cross-functional alignment for cybersecurity initiatives. Understand affiliate strategies, tailoring security requirements and approaches to support local business objectives and risk tolerances. Incident Management Act as the regional point of contact for business-facing communication during security incidents or investigations. Ensure effective coordination with SOC/IR teams on response workflows, focusing on stakeholder updates and clear, business-appropriate messaging. Security Awareness & Training Facilitate the localization, tailoring, and delivery of globally led awareness efforts and tabletop exercises for EMEA audiences. Adapt global materials to regional contexts to enhance engagement and work closely with global program leads to ensure cultural relevance. Continuous Improvement Continually review, report, and seek enhancements for EMEA's security posture, leveraging feedback from affiliates and evolving regulatory/industry standards.