Information Security Manager (m/f/x)
You make our IT world a little bit more secure. Together with your team, you are jointly responsible for all information security guidelines in the context of an information security management system to be certified according to ISO 27001 and BSI IT-Grundschutz. You are actively involved in the development of ideal solutions within our company and do not just dictate from above. You create trust in the security of our IT system landscape and software solutions and ultimately in our business model.
- Creation, maintenance and further development of information security guidelines, risk analyses and emergency plans
- Advising employees on the creation, maintenance and further development of work instructions, asset manuals and specialist standards, as well as on the implementation of these regulations in day-to-day operations
- Advising employees on the implementation of projects and the handling of security-relevant operational incidents
- Monitoring and documentation of information security, data protection and compliance incidents
- Coordination with the data protection officer and with the data protection, occupational health and safety, legal and compliance departments
- Responding to inquiries on information security, data protection and compliance issues
- Implementation and further development of recurring technical and organizational measures to maintain information security
- Implementation of own projects to increase information security in the company
- Planning and support of internal and external audits
- Fluent German is required
What you have to bring on board:
- You have theoretical experience in the introduction and maintenance of an information security management system based on ISO 27001 and BSI IT-Grundschutz.
- Ideally, you also have practical experience in the introduction and maintenance of an information security management system based on ISO 27001 and BSI IT-Grundschutz.
- You bring practical experience in the working methods and processes of a small or medium-sized technology company.
- You are able to strike a balance between the requirements of ISO 27001/BSI IT-Grundschutz and the dynamics of an innovative IT company.
- Ideally, you already have practical experience with the requirements of the EU GDPR (DSGVO) and compliance topics.
- You have a good command of written and spoken German and English.
What to expect from your team:
As a team, we stand by the core values of “Building Trust and Being Trusted” and “Security meets Usability”. Employees in the company rely on the technical and organizational expertise of the Security & Compliance department. We always try to keep requirements simple and practicable so that they can actually be applied in everyday life. We are a colorful mix of technical and organizational talents and are happy to be enriched by other like-minded people.