Company: Vaillant GmbH
Location:
Country: Germany (DE)
Brand: Vaillant Group
What makes us special
* Remote Work: We offer our employees the opportunity to work up to 70% of their working hours on a mobile basis. In addition, they can work up to 30 days a year from a country in the European Union
* You will work in a fast-growing, agile and very dynamic team that challenges established routines and helps transform the Vaillant Group into a data-informed business
* The compatibility of work and family is also important to us; therefore, we offer flexible working hours. Our employees organize their working hours individually in consultation with their colleagues and management so that family and career can be individually harmonized
* We offer our employees in Germany an attractive remuneration package in line with the NRW IG-Metall collective agreement, including holiday and Christmas bonuses
What we achieve together
* In this responsible position, you will assess the Vaillant Group's information security risk landscape and advise on the development of strategic decision papers for information security and the cyber security program
* Supporting the CISO in the implementation of the information security strategy with a focus on risk management complements your area of responsibility
* In an international environment, you will be responsible for the planning, development and management of Group-wide information security risk management
* The identification, assessment and management of information and cyber risks as well as protection needs analyses and the submission of key figures and reports round off your portfolio
* You evaluate and monitor risk management activities as well as internal and external audit findings and coordinate residual risks and mitigation plans with stakeholders to ensure compliance with Group guidelines
* As a central point of contact and expert, you will be responsible for conducting regular risk analyses and reporting to key stakeholders
* You will analyse organizational and technical information security measures and take the lead in maintaining and improving information security guidelines and standards
What makes us successful together
* Qualifications: Successfully completed Bachelor's or Master's degree in engineering, IT security, computer science or business administration with a corresponding focus. Further training and certificates in information security are desirable (CRISC, CISM, CISSP, CISA, ISO 27001 Lead Auditor)
* Know-how: Several years of professional experience in information security, risk management, governance, compliance as well as experience in project management.
  * Experience with common information security standards (ISO 27001, IEC 62443, NIST)
  * Experience in leading the development and implementation of information security policies, procedures and guidelines to ensure compliance with relevant policies, laws and standards (NIS2, CRA)
  * In-depth knowledge of information security risk management as well as risk management, remediation and reporting
* Personality: You are characterized by a high affinity for numbers, shareholder management, a thirst for knowledge and strong assertiveness
* Work style & language: Reliable, precise, independent and goal-oriented work style as well as adequate communication in fluent English & German
We promote equity and do not tolerate any form of discrimination. We value the uniqueness of each individual and encourage all people to apply.
Your Contact:
Michelle Kannler
+49 2191 18 2601