(Senior) Information Security Manager (m/f/d)
Join our team at our location in Berlin, Münster, Amsterdam, Heerenveen, Verl or Luxembourg – flexible working conditions available
We seek a Senior Information Security Manager to join our CISO’s Consulting team. This role will strengthen our second line of defense. It will be responsible for operating and updating our information security framework, including documentation, controls, risk management, awareness, and metrics.
Key Responsibilities in this role:
* Requirement Management: In collaboration with the Legal department, you will regularly screen multiple sources of authority documents, maintain, and update Riverty’s register of legal, contractual, and other factual requirements on information security.
* Control Framework: Using the register of requirements, maintain and update Riverty’s standardized control framework for information security and business continuity. Oversee the change board for the control framework and manage communication within the organization and the team.
* Documentation Framework: You will ensure that Riverty’s control framework on information security and business continuity is accurately reflected in its documentation framework, including policies, standards, and operating instructions.
* Consulting the Business: You will support the ISOs as business partners and guide the first line of defense on internal and external requirements, advising them on effectively implementing pre-designed controls.
* Risk Management: You will play an integral role in Riverty’s regular risk assessment and management schedule for ICT risk across the entire division, supporting ICT risk owners over the entire risk lifecycle.
* Awareness Program & Outreach: You will develop and implement comprehensive awareness campaigns to promote information security and business continuity practices and embed a culture of security and resilience within the organization. Utilize effective communication strategies to ensure all employees are informed and engaged with the initiatives.
* Metrics Framework: You will maintain and update the metrics framework for information security and business continuity, as well as connect data sources, owners, and reporting mechanisms.
What you need to succeed in the role:
* You have completed a university degree in (business) computer science, business administration, or a comparable course.
* You have at least seven years of professional experience in information security, ideally in an international environment.
* You possess a recognized certification in information security, such as CISSP, CISM, or similar.
* You have strong knowledge of risk assessment methodologies (e.g., risk framework 27005), security frameworks (e.g., NIST, ISO 27001), and ICT compliance regulations (EBA guidelines on ICT & security risk management, DORA, CSSF circulars, etc.).
* You deeply understand IT landscapes, architectures, and processes, especially about the cloud (Azure) and agile software development.
* You possess excellent communication and presentation skills in English and proficiency in German.
* You are characterized by a high level of initiative, a solution-oriented approach, and a strong focus on enablement.
* You are willing to travel nationally and internationally (up to 25%) when needed.
Thrive at Riverty with great benefits:
* Immerse yourself in a welcoming, trust-filled atmosphere as part of our agile teams and explore the fantastic opportunities within the Bertelsmann Group.
* Put your health first by engaging in a variety of supported sports and leisure activities – it's important to us!
* Empower your growth and professional development with Riverty’s training sessions and customized development plans. Together, we'll learn, evolve, and achieve success.
* Know that you're appreciated with plenty of employee benefits & discounts just for you.
* Experience the best of both worlds with our flexible working arrangements, which let you mix on-site teamwork and remote work to create the perfect professional experience that suits your life.
Please note, benefits could be different depending on location or agreement details, and they may alter over time. We'd be delighted to explore these benefits in greater depth during an interview.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
#J-18808-Ljbffr