CISO (m/f)

Job Information

Your tasks:
  • Coordinating and ensuring coverage of the legal and regulatory requirements for cyber risks and information security risks in collaboration with the CTO division
  • Maintenance and ongoing development of a systematic identification, assessment, and monitoring process of information security risks (ISMS according to ISO 27001 standard)
  • Manage the performance of risk assessments
  • Be responsible in coordination with the CTO division for the continuous improvement of the IT security system, and monitoring compliance with the IT security system
  • Contribute to the further development of the existing Security Operation Center (SOC), for monitoring, early identification, and efficient handling of vulnerabilities and incidents in the area of information security and cyber risks
  • Develop and issue IT security specifications in the form of security concepts, directives, guidelines
  • Provide information and consulting in connection with security incidents and the effectiveness of information security measures
  • Collaborate with internal and external stakeholders, as well as preparation and close support of external and internal audits
  • Continuous improvement of business continuity management, including periodic BC/DR tests
  • Planning, commissioning, monitoring, and evaluation of regular risk-oriented security audits such as vulnerability analyses and penetration testing
  • Plan and implement targeted and regular training and awareness-raising measures with regard to IT information security

Your profile:
  • A minimum of 3+ years working as CISO or in the area of CISO
  • Higher professional degree or studies in the field of business informatics or computer science and further education in the field of IT & information security (CISSP, CISM, CISA, etc.)
  • Experience in a regulatory environment (e.g. bank, insurance, asset manager) is an advantage
  • In-depth knowledge and experience in risk and information security management (incl. standards and regulatory basics, e.g. ISO 27001, NIST, CIS)
  • Experience in IT processes, cloud technologies, IT architecture, network technologies, application security, and identity and access management
  • Great interest in developing yourself in a dynamic, interactive, and digital environment in breadth and depth
  • You enjoy working on your own initiative and contributing to a dynamic environment.
  • Fluency in German and English

Required Skills
  • German
  • English
  • Access
  • Compliance
  • ISO
  • Security
  • Support
  • Testing
  • CLOUD
  • Monitoring
  • CISSP
  • CISM
Job Details
  • Workload: Full-time