We are seeking an experienced professional in information security management to join a growing consultancy team. The ideal candidate will possess deep expertise in the design, implementation, and continuous improvement of Information Security Management Systems (ISMS), with a strong grasp of international standards and regulatory frameworks.
Key Requirements:
* Language Skills: German language proficiency at C1 level or higher is required.
* ISMS Expertise: Demonstrated experience in implementing and maintaining Information Security Management Systems in line with ISO/IEC 27001.
* Certifications: Possession of ISO/IEC 27001 Lead Auditor or Lead Implementer credentials (or equivalent recognised qualifications) is highly desirable.
* Regulatory Knowledge: Familiarity with relevant regulations such as NIS2 and DORA is advantageous. Exposure to industry-specific standards like TISAX is considered a plus.
* Leadership Experience: Previous involvement in roles such as Chief Information Security Officer (CISO) or Information Security Officer is preferred.
* Technical Proficiency: Hands-on experience in performing risk assessments, conducting internal audits, and developing practical measures to strengthen information security posture.
* Compliance Awareness: Working knowledge of broader compliance requirements, including national IT security standards and data protection laws (e.g., GDPR).
* Interpersonal Skills: Strong analytical thinking, excellent communication abilities, and a client-oriented, solution-focused approach are essential.
* Emerging Technologies: Familiarity with artificial intelligence (AI) applications in the context of information security is an asset.
Primary Responsibilities:
* Advising clients on the implementation and optimisation of ISMS frameworks tailored to their organisational needs.
* Supporting clients through ISO/IEC 27001 or TISAX certification processes.
* Designing comprehensive information security strategies and conducting detailed risk analyses to inform protective measures.