For a renowned, international and constantly growing company, we are looking for an experienced Information Security Manager (m/f/d) who will play a key role in setting up and developing the Information Security Management System (ISMS).
Here's what our clients offer
1. Remuneration & benefits: An attractive salary package, supplemented by vacation and Christmas bonuses, an employer-financed company pension scheme and supplementary long-term care insurance.
2. Flexibility & work-life balance: A 37.5-hour week, 30 days' vacation and the option to work remotely two days a week.
3. Future allowance: A flexible budget that can be used for 5 additional vacation days, as a pension allowance or as an annual payment.
4. Development & environment: A wide range of training opportunities, free meals in the canteen, excellent transport links and free parking.
5. Health & culture: Free sports activities, regular company events and exclusive employee discounts.
Your tasks
6. Leading the establishment and further development of a holistic information security management system (ISMS) in cooperation with external partners, with the aim of ISO 27001 certification.
7. Ensuring compliance with relevant standards such as ISO 27001, NIS2 and the GDPR.
8. Designing, implementing and updating security policies, processes and controls.
9. Coordinating overarching risk management and supporting internal and external audits.
10. Evaluating and reviewing technical and organizational security measures (TOMs).
11. Actively cooperating with various specialist departments to promote a company-wide security culture, including the implementation of awareness measures.
12. Regularly reporting the risk status and audit results to the management.
13. Supporting the processing of security incidents and the implementation of data protection impact assessments.
Your profile
14. Degree in (business) informatics, IT security or a comparable field of study.
15. Sound professional experience in setting up and managing an ISMS, ideally in the context of ISO 27001 certification and risk management.
16. Very good knowledge of the relevant norms and standards, in particular ISO 27001, NIS2 and GDPR.
17. Good technical understanding of protective measures in areas such as encryption, access control and cloud security.
18. Fluent written and spoken German and English.
19. Strong communication and presentation skills, a confident manner and the ability to manage cross-functional stakeholders.