Welcome to– a company that combines innovation and responsibility! Our corporate functions are diverse and make a decisive contribution to the strategic orientation and sustainable success of.
Corporate Information Technology (CIT) is the central part of the company’s strategy, developing and implementing innovative security solutions to enhance efficiency and competitiveness in the CarlGroup. By working closely with various business units, CIT ensures that technological advancements and digital transformations are seamlessly integrated into business processes.
Your role
Aa an Information Security Manager you take over ownership and steering of complex domains and activities on a global scale. As domain responsible, the Information Security Manager is steering a dedicated InfoSec domain in line with corporate and business InfoSec demands and objectives.
1. Take over ownership for a dedicated cross-functional InfoSec domain and drive the development of the area of responsibility globally
2. Contribute to risk management by identifying and assessing InfoSec risks related to the field of responsibility and define and propose mitigating actions
3. Develop the domain-specific strategy and roadmap by proposing long-term goals in alignment with other InfoSec domains and the corporate and business InfoSec strategy
4. Handle incoming requests and requirements as the first point of contact for the dedicated InfoSec domain and drive InfoSec programs, initiatives and projects according to aligned priorities and objectives
5. Engage with stakeholders across the organization to ensure the alignment of InfoSec goals, priorities and initiatives
6. Lead and orchestrate security (project) teams and provide guidance for less experienced staff members
Your profile
7. Apprenticeship, studies or professional education in Information Security Management, Business Administration, Corporate Governance, Management, IT, Engineering or a related discipline (Bachelor's or Master's degree) or an equivalent mix of education and professional experience.
8. Several years of professional experience in a field related to IT-, Information- or Cyber Security, e. g. Information Security Management, ISO 27001, Information Security KPIs, Information Security Incident Management.
9. One or more relevant and current information security certifications from an established organization (such as ISACA, ISC2, CompTIA, EC-Council, GIAC, OffSec or vendor-specific certifications).
10. Knowledge and experience in managing and driving information security projects across multiple stakeholders in a global business environment.
11. Ability to solve complex tasks and problems, applying innovative thinking
12. Ability to work in a structured and independent way and to correlate technologies, understand complex environments, business requirements
13. Ability to interact with fellow employees, stakeholders, incl. functional peer group managers, involving matters between functional areas, other company divisions or units
14. High level of personal resilience and self-driven, results-oriented approach to work
15. German (fluently) OR English (fluently), other languages of advantage
Your ZEISS Recruiting Team:
Lisa Briesner