Connecting linkedin

Information Security Manager

  • Location

    München, Bayern

  • Sector:

    Information Security

  • Job type:


  • Salary:


  • Contact:

    Nicolo Felici

  • Contact email:

  • Salary high:


  • Salary low:


  • Job ref:


  • Published:

    about 1 year ago

  • Expiry date:


  • Startdate:


Job Purpose/Role

Security, Protection & Resilience is the core team and central driver for Information Security four our client.
The division is tasked to continue evolving a strong security organization, establishing global security solutions and
countermeasures and to oversee the effectiveness and guide the implementation of security controls.

The Information Security Manager is a key role within the Security Assurance & Architecture Team. He/she is part of
the function that is responsible for the effective implementation and maintenance of the Information Security
Management System. Furthermore, he/she oversees the fulfilment of Information Security requirements in all
services provided by our client as shared service provider to its customers, including those provided by 3rd
parties and/or outsourcing providers.

Key Responsibilities

  • Evaluate, recommend, develop, monitor and maintain IT security policies, procedures and systems
  • Ensure that IT security architecture, controls, processes, policies and procedures are aligned with IT security standards and requirements for data protection, business continuity, IT service continuity and disaster recovery
  • Serving as central contact person for information security-related matters, including interfaces to business, partners, customers and other safeguarding functions; promote knowledge and awareness of our client security requirements and processes;
  • Control the implementation of and compliance with Group-wide standards, regulatory requirements and industry security standards within the organization, its services and in projects;
  • Ensure the implementation of Information Security principles and procedures during the full life cycle of services offered by the company and its external providers (e.g. Cloud services); systematically assess the effectiveness of security controls;
  • Develop security guidelines and directives;
  • Security Risk Management, including supporting the life cycle of security risk assessments, assessing and addressing deviations from security policies, guidelines and contractually agreed provisions; develop effective strategies to mitigate identified information security risks.

Key Requirements/Skills/Experience

  • University degree (primarily in computer science, business informatics or natural sciences), or equivalent professional experience;
  • Long track record of experience in IT; 5 years+ experience in Information Security related fields; sound knowledge of IT security Technology, architecture and processes and profound knowledge of information security management systems and relevant industry standards (in particular ISO270xx, COBIT5)
  • Practical experience with provider management (including Cloud providers), IT outsourcing and related control frameworks;
  • Project management and/or basic leadership experience, ability to cope with high workload, and being able to exercise good levels of independence, judgment and initiative;
  • Proficient in German, excellent international communication skills including the ability to prepare professional documentation and presentations for various audiences and senior management;
  • Competence to exchange complex information with diplomatic tact and to cooperate with a diverse internal and external audience
  • Ability to carry out tasks independently in non-standardized (ever-changing) work situations