Ihre Aufgaben:
* Perform/Support of internal and external audits (e.g. ISO27001, BSI), support/prepare the relevant stakeholders for audits
* Advise in relevant activities to make sure RWE follows legislation in the area of information security management, e.g.. NIS2, KRITIS
* Development of standards, procedures and processes with a global reach to support regulatory compliance, e.g.. NIS2, KRITIS
* Develop, monitor, and advise on the findings/actions raised from internal and external audits with the relevant stakeholder
* Important info: It is a mix of Auditor and ISMS Manager. The candidate should have experience with the German laws that audits entail. However, he does not necessarily have to have taken part in one himself. However, they should have prepared or even set up an ISMS for such an audit
Ihre Qualifikationen:
* Professional experience in the operational technology (OT) environment with focus on Governance, Risk & Compliance
* Professional experience in the field of information security and compliance including experience in ISO/ IEC 27001 certification, German §8a BSIG and paragraph 11 1b EnWG Audit; experience in TISAX certification is desirable, but not mandatory
* Experience in the implementation of regulatory requirements, the design and/or audit of governance and/or internal control systems as well as experience in project work
* Comprehensive technical knowledge and experience in information security standards such as NIS2, ISO27xxx, B3S and IT-Sicherheitskatalog
* Fluent in English; German proficiency and/or other languages is a strong plus.
* Knowledge of Microsoft Office Suite (Excel, PowerPoint, Word) and basic familiarity with data analysis tools.
Ihre Vorteile:
* You will work in an international environment
* Support throughout the entire application process