IT Risk & Security (Senior) Manager (m/w/d)
If you like change, change to us
We are an international mid sized group with appetite for innovations, approachable management, lead by objectives / targets which give the opportunity of a wide range of empowerment. We as a growth oriented market leader invite you to join us on our journey from good to great!
The IT Risk & Security (Senior) Manager translates the IT-risk requirements and constraints of the business into technical control requirements and specifications, as well as develops metrics for ongoing performance measurement and reporting. The IT Risk & Security (Senior) Manager coordinates the IT-organization's technical activities to implement and manage security infrastructure, and to provide regular status and service-level reports to management.
The IT Risk & Security (Senior) Manager is a leadership role that reports directly to the CIO and requires an individual with a strong technical background, as well as an ability to work with the IT-organization and business management to align priorities and plans with key business objectives.
Responsibilities
The IT Risk & Security (Senior) Manager’s job is composed of a variety of activities, including tactical, operational, and strategic activities, such as:
* IT-Security governance.
* IT-Risk & Audit Management.
* IT-Security Awareness Measures.
* Conduct external penetration Test.
* Lead strategic security projects.
* Steering & escalations of security operations, i.e. incident management.
* Continuous exchange with compliance organization, i.e. in Data Protection (GDPR) related matters.
* Evolve OT-Security measures & governance.
* Develop (IT-) Business Continuity Management measures.
Requirements
* A minimum of seven years of IT experience, with five years in an information security role and at least two years in a supervisory capacity.
* A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred.
* Strong Leadership skills and the ability to work effectively with business managers, IT engineering and IT operations staff.
* The ability to interact with Norma Group personnel, build strong relationships at all levels and across all business units and organizations, and understand business imperatives.
* A strong understanding of the business impact of security tools, technologies, and policies.
* Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision.
* Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT-Organization, project and application development teams, management, and business personnel; in-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an excellent understanding of information security concepts, protocols, industry best practices and strategies.
* Experience working with legal, audit and compliance staff.
* Experience developing and maintaining policies, procedures, standards, and guidelines.
* Experience with OT-Security methods is preferred.
* Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL), TISAX and Control Objectives for Information and Related Technology (COBIT) frameworks.
* German language skills on a native level or minimum C2 - mandatory.
Contact for this position: Monika Mohr
NORMA Group Human Resources
Edisonstraße 4
63477 Maintal, Germany
www.normagroup.com