The Ottobock Security Governance is a team of dedicated Cyber Security experts with the mission to secure Ottobock's information assets and infrastructure worldwide. The team is responsible for defining and implementing risk-based Cyber Security Management within the Ottobock Group worldwide. The Ottobock Cyber Security Governance Team monitors the implementation of defined controls and conducts reviews to assess risks and define mitigation measures. Based on that know-how and the latest technological trends, it consults with the IT and Business departments to improve enterprise Cyber Security globally.
The Senior Cyber Security Manager (CSM) is one of the process owners for all assurance activities related to the availability, integrity, and confidentiality of customer, business partner, employee, and business information in compliance with the organization's information security policies. A key element of this role is working with the CIO, CISO, and the executive management to determine acceptable levels of risk for the organization. This position is responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected.
Duties & Responsibilities
1. Analyze IT requirements and provide objective advice on information security requirements.
2. Analyze, design, and implement efficient information security technical and organizational measures.
3. Manage the installation of security measures / upgrade systems on internal and outsourced systems.
4. Gather feedback from Business, corporate risk management, IT-compliance, legal, and IT-operations to improve the ISMS.
5. Maintain an information security risk register and assist with internal and external audits relating to information security.
6. Assist with the creation, maintenance, and delivery of cyber security awareness training for colleagues.
7. Work closely with the Security Operations Center to identify potential IT / IS weaknesses and create / update mitigation plans accordingly.
8. Contact stakeholders in relation to cyber security requirements and provide future recommendations.
9. Conduct reviews to check the implementation status of defined ISMS controls in all Ottobock Group entities and suppliers.
10. Generate reports for both technical and non-technical staff and stakeholders.
Qualifications
1. MBA in Information Systems, preferred.
2. Minimum of 3 to 7 years of experience in a combination of risk management, information security, and IT jobs.
3. Excellent written and verbal communication skills in English and German and a high level of personal integrity.
4. Understanding of the internal organizational environment and its relationship to the external business environment.
5. Sound business management skills and knowledge of risk management for cyber security and cybersecurity technologies.
6. Innovative thinking and leadership with the ability to guide and motivate cross-functional, interdisciplinary teams.
7. Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or other comparable credentials.
8. Knowledge of common information security management frameworks, such as ISO/IEC, ITIL, BSI, as well as NIST frameworks, including NIST CSF.
9. Experience in operating an ISMS according to ISO/NIST standards.
10. Experience with contract and vendor negotiation and governance including managed services.
11. Very good knowledge of German and English (speaking and writing).
Additional benefits include attractive remuneration, flexible working time models, individual personnel development opportunities, an open corporate culture, and various corporate benefits.