At Uniper, we proactively transform the world of energy while ensuring the security of energy supply. As an internationally operating company, we work in very diverse teams with the greatest possible working time flexibility for our employees. Our corporate culture is characterized by equal opportunities, mutual appreciation, and respect. With us, you will be able to develop new business models, work on technological solutions for a modern, sustainable, and future-oriented energy supply, as well as proactively help shape changes. Interested? We look forward to meeting you!
The Information Security Governance Manager supports developing and implementing Uniper's information security strategy, Information Security Management System (ISMS) policies and governance framework. This role focuses on establishing and maintaining a robust and comprehensive security framework ensuring adherence to regulatory requirements, industry best practices and standards. The mission of this role is maintaining the integrity and protection of Uniper's information assets through an effective ISMS.
Key Responsibilities:
* Serve as a Subject Matter Expert (SME) on Uniper's information security strategy, governance and associated critical processes, ensuring alignment with regulatory, statutory, and industry requirements and security best practices.
* Develop and manage comprehensive information security strategies, standards, and processes, and ensure their enforcement across Uniper.
* Support the review and formal approval process for security governance documents and coordinate updates to the ISMS policies framework.
* Ensure ISMS policies and standard documents meet industry best practices, standards and compliance requirements.
* Define and ensure implementation of information security governance across technologies, departments, and data assets.
* Engage in preparation for and participation in external and internal audits (e.g., ISO 27001, NIS2, KRITIS, DORA). Maintain awareness and knowledge of current changes within legal, regulatory, and technology environments.
* Support overall validation of adherence to ISMS policies and standards through control evaluation, ensuring compliance through assessment, remediation, and escalation.
* Define and manage key performance indicators (KPIs) to measure effectiveness and compliance related to ISMS policies and standards.
* Collaborate with IT and Operational Technology (OT) teams to ensure security measures and practices are integrated across all technology stacks and control systems.
Minimum Requirements:
* Completed degree in information security, business information technology, computer science, business administration, or a similar field / qualification.
* Several years of experience in information security management / governance, or other information risk management functions.
* Profound knowledge of information security industry standards and regulatory requirements, e.g., ISO / IEC 27001 / 62443, NIST CSF, NIS 2, DORA, KRITIS. Proven track record of implementing new regulations and maintaining compliance.
* Good understanding of modern IT technology stacks; knowledge and understanding of control system (OT) architecture is a plus.
* Excellent communication and interpersonal skills.
* Proactive mindset to anticipate and address potential security issues before they become critical.
* Effective project management skills to oversee the implementation of security initiatives.
* Fluency in written and spoken English; German is a plus.
Location: Information Security Manager • Düsseldorf, Germany