Connecting linkedin

Information Security Officer

  • Location

    Munich, Bayern

  • Sector:

    Information Security

  • Job type:


  • Salary:


  • Contact:

    Nicolo Felici

  • Contact email:

  • Salary high:


  • Salary low:


  • Job ref:


  • Published:

    12 months ago

  • Expiry date:


  • Startdate:


Job Purpose/Role

Security, Protection & Resilience is the core team and central driver for Information Security four our client.
The division is tasked to continue evolving a strong security organization, establishing global security solutions and countermeasures and to oversee the effectiveness and guide the implementation of security controls.

The Information Security Manager is a key role within the Security Assurance & Architecture Team. He/she is part of the function that is responsible for the effective implementation and maintenance of the Information Security Management System. Furthermore, he/she oversees the fulfilment of Information Security requirements in all services provided by our client as shared service provider to its customers, including those provided by 3rd parties and/or outsourcing providers.

Key Responsibilities

  • Evaluate, recommend, develop, monitor and maintain IT security policies, procedures and systems
  • Ensure that IT security architecture, controls, processes, policies and procedures are aligned with IT security standards and requirements for data protection, business continuity, IT service continuity and disaster recovery
  • Serving as central contact person for information security-related matters, including interfaces to business, partners, customers and other safeguarding functions; promote knowledge and awareness of our client security requirements and processes
  • Control the implementation of and compliance with Group-wide standards, regulatory requirements and industry security standards within the organization, its services and in projects
  • Ensure the implementation of Information Security principles and procedures during the full life cycle of services offered by the company and its external providers (e.g. Cloud services); systematically assess the effectiveness of security controls
  • Develop security guidelines and directives
  • Security Risk Management, including supporting the life cycle of security risk assessments, assessing and addressing deviations from security policies, guidelines and contractually agreed provisions; develop effective strategies to mitigate identified information security risks.

Key Requirements/Skills/Experience

  • University degree (primarily in computer science, business informatics or natural sciences), or equivalent professional experience
  • Long track record of experience in IT; 5 years+ experience in Information Security related fields; sound knowledge of IT security Technology, architecture and processes and profound knowledge of information security management systems and relevant industry standards (in particular ISO270xx, COBIT5)
  • Practical experience with provider management (including Cloud providers), IT outsourcing and related control frameworks
  • Project management and/or basic leadership experience, ability to cope with high workload, and being able to exercise good levels of independence, judgement and initiative
  • Proficient in German, excellent international communication skills including the ability to prepare professional documentation and presentations for various audiences and senior management
  • Competence to exchange complex information with diplomatic tact and to cooperate with a diverse internal and external audience
  • Ability to carry out tasks independently in non-standardized (ever-changing) work situations