Group Information Security Manager (m/f/d)
Company: Vaillant GmbH
Location: Germany
Brand: Vaillant Group
What makes us special
* Remote Work: We offer our employees the opportunity to work up to 70% of their working hours on a mobile basis. In addition, they can work up to 30 days a year from a country in the European Union.
* You will work in a fast-growing, agile and very dynamic team that challenges established routines and helps transform the Vaillant Group into a data-informed business.
* The compatibility of work and family is also important to us; therefore, we offer flexible working hours. Our employees organize their working hours individually in consultation with their colleagues and management so that family and career can be individually harmonized.
* We offer our employees in Germany an attractive remuneration package in line with the NRW IG-Metall collective agreement, including holiday and Christmas bonuses.
What we achieve together
* In this responsible position, you will assess the Vaillant Group's information security risk landscape and advise on the development of strategic decision papers for information security and the cyber security program.
* Supporting the CISO in the implementation of the information security strategy with a focus on risk management complements your area of responsibility.
* In an international environment, you will be responsible for the planning, development and management of Group-wide information security risk management.
* The identification, assessment and management of information and cyber risks as well as protection needs analyses and the submission of key figures and reports round off your portfolio.
* You evaluate and monitor risk management activities as well as internal and external audit findings and coordinate residual risks and mitigation plans with stakeholders to ensure compliance with Group guidelines.
* As a central point of contact and expert, you will be responsible for conducting regular risk analyses and reporting to key stakeholders.
* You will analyse organizational and technical information security measures and take the lead in maintaining and improving information security guidelines and standards.
What makes us successful together
* Qualifications: Successfully completed Bachelor's or Master's degree in engineering, IT security, computer science or business administration with a corresponding focus. Further training and certificates in information security are desirable (CRISC, CISM, CISSP, CISA, ISO 27001 Lead Auditor).
* Know-how: Several years of professional experience in information security, risk management, governance, compliance as well as experience in project management.
  * Experience with common information security standards (ISO 27001, IEC 62443, NIST).
  * Experience in leading the development and implementation of information security policies, procedures and guidelines to ensure compliance with relevant policies, laws and standards (NIS2, CRA).
  * In-depth knowledge of information security risk management as well as risk management, remediation and reporting.
* Personality: You are characterized by a high affinity for numbers, shareholder management, a thirst for knowledge and a strong assertiveness.
* Work style & language: Reliable, precise, independent and goal-oriented work style as well as adequate communication in fluent English & German.
We promote equity and do not tolerate any form of discrimination. We value the uniqueness of each individual and encourage all people to apply.
Your Contact:
Michelle Kannler
+49 2191 18 2601
We care about our planet and aim to work carbon-neutrally; for this reason, we can only accept online applications.
Let's save the environment together and eliminate paper applications.