Job Title:
Information Security Manager (In-House)
Location:
Germany (Duisburg, Düsseldorf, Essen, and Cologne - travel between sites required)
Company Overview:
Our client is a leading organization within the medical sector, operating through a group of specialized brands dedicated to providing high-quality services in the healthcare industry.
With a workforce of around 1,200 employees, this organization operates in a collaborative and dynamic environment, with offices across Duisburg (HQ), Düsseldorf, Essen, and Cologne. The offices are conveniently located near each other, enabling seamless coordination across teams.
Key Responsibilities:
* ISO27001 Compliance:
Ensure that the organization remains ISO27001 certified annually, managing the certification process and internal audits to guarantee full compliance with industry standards.
* Risk Management Development:
Develop and enhance risk management practices to improve the maturity of the organization’s security framework and address emerging threats effectively.
* Operational Security Enhancement:
Implement and oversee operational security measures to safeguard the company’s assets, data, and networks.
* Technical Leadership and Collaboration:
Work closely with the IT department to ensure that all security measures are technically sound and aligned with business needs. You will be expected to have a hands-on understanding of technical cybersecurity concepts to effectively communicate and enforce security policies.
* Stakeholder Engagement:
Collaborate with key business stakeholders, including the CIO, Head of IT Operations, and Board Executives to drive security initiatives and ensure alignment with broader organizational goals.
* Policy and Governance:
Lead the creation, review, and implementation of information security policies, procedures, and guidelines across the organization.
Key Requirements:
Technical Experience:
* 2-3 years of experience in a technical role, ideally as a systems engineer or in a similar role, with a deep understanding of IT systems.
* 3+ years of direct experience in information security, focusing on ISO27001, NIS2, and operational security.
* ISO27001 & NIS2 Expertise:
Proven experience in managing or supporting ISO27001 certification, as well as familiarity with NIS2 directives for cybersecurity.
* Language Skills:
Fluency in German is a must, as the role will require communication across teams in Germany.
* Collaboration Skills:
Strong interpersonal and relationship-building skills, with the ability to work effectively with IT teams and business leaders at all levels of the organization.
* Travel:
Willingness to travel between the company’s various offices (Duisburg, Düsseldorf, Essen, Cologne) as needed.
Compensation:
* Competitive salary of up to €100,000.