The service department "IT Group Functions" supports the Corporate Center (VV, V5, and V6), GBS Service Lines, and CSI in their digital transformation and is responsible for meeting their information and technology needs. As part of "IT Group Functions," the department "IT Risk Management" is responsible for IT security management as well as the implementation and monitoring of IT security measures.
Senior Expert (m/f/d) 7A03-5 / AT nltd. Level 2 (Grade A14/A15)
Key Responsibilities:
IT Security Senior Specialist (m/f/d)
Management and coordination of IT Audit Activities within the Corporate Center (VV, V5, and V6), GBS Service Lines, and CSI, as well as ensuring IT security and compliance in strategic and cross-divisional projects within the scope of IT Risk Management
* Representation of IT Group Functions (IT GF) during external IT audits concerning heterogeneous and cross-functional IT applications and platforms, e.g., Common Reporting System (CREST), Electronic Banking Platform (EBP)
o Planning, coordination, and support of external IT audits, including professional oversight of project-related audit teams
o Point of contact for external auditors regarding IT-related inquiries
o Consolidation and evaluation of audit results and derivation of recommendations for action
o Identification, development, and assessment of solutions to timely resolve audit findings in compliance with IT security and compliance standards, in collaboration with the Group Chief Information Security Office (Group CISO)
o Consulting business units on implementing measures to mitigate IT risks
o Monitoring and ensuring the implementation of time-critical and economically significant solutions and improvement measures
o Preparation of annual Risk Management reports for the Supervisory Board in coordination with IT GF and Group CISO management
* Evaluation of internal audit results and derivation of necessary actions and improvement measures, e.g., for IT products in HR, Procurement, and Real Estate
o Analysis and assessment of audit findings identified by Corporate Audit
o Identification and development of measures to mitigate IT risks, considering all audit projects and targeted IT process improvements holistically
o Consulting business units on implementing developed solutions and derived improvement measures
o Monitoring implementation status and regular reporting to IT GF management
* Further development of processes and controls within the Internal Control System (ICS), taking into account external and internal audit results
* Development and implementation of mechanisms for regular review, assessment, and reporting on the effectiveness of established IT risk mitigation measures
* Ensuring sustainable compliance beyond audit cycles in strategic and cross-divisional IT projects, e.g.:
o Development and implementation of IT user access concepts to regulate data access for Software-as-a-Service (SaaS), SAP, and Oracle systems, ensuring compliance with IT security and compliance standards
o Identification and implementation of required changes to IT controls in the “People Identity & Access Management (PIAM)” system to regulate access to corporate data
Professional Qualifications:
* Completed university degree in Information Technology or a comparable qualification
* Long-term years of professional experience,, preferably in IT audit, compliance, or risk management
* Strong knowledge and experience in project management; certification (e.g., PMP, Prince2) is desirable
* In-depth knowledge of security principles, practices, and technologies
* Proven auditing competencies, e.g., through CISA, CIA, or CPA certification
* Knowledge of DHL Group’s cross-functional IT structure is an advantage
* Excellent English skills, German language skills are desirable
Personal Qualifications:
* Strong analytical and conceptual skills
* Quick comprehension and flexibility
* Organized and structured working style
* Excellent communication and presentation skills
* Confident and professional demeanor at all levels
* Experience in leading teams
* Strong stakeholder management skills, including in international environments
* Integrity and loyalty
Notes for Applicants:
* Please apply with your complete documents (resume, cover letter, and certificates) online via the application link in the job posting.
* Contact persons: Sven Rötzel, Phone +49 (0) 228 18952128
* We welcome applications from all individuals – regardless of age, gender, origin, religion, or physical characteristics.
* Severely disabled individuals and those with equal status will be given preference when qualifications are equal.