Information Security Officer - Governance

• Operation, expansion and optimization of the information security management system (ISMS);
• Preparation, implementation and follow-up of internal and external audits (e.g. ISO 27001, TISAX);
• Development and implementation of target group-oriented training courses as well as awareness and security testing measures;
• Carrying out risk analyses and assessments of IT systems and services;
• Reporting suspicious and security incidents and participating in their analysis, clarification and processing;
• Developing risk-based measures together with the specialist departments and following up on their implementation;
• Developing key performance indicators, collecting and maintaining data and creating consolidated reports;
• Ensuring compliance with Group-wide security regulations and responsibility for creating, updating and complying with global and regional security-related corporate guidelines and standards.

• Completed studies (e.g. computer science, business informatics, cyber security, business administration) or comparable professional background;
• Several years of professional experience in information security and sound knowledge of IT infrastructure and IT security;
• Very good knowledge of the ISO27x series standards and the TISAX framework;
• Experience with audits and global projects;
• Very good knowledge of English;
• Willingness to travel occasionally.

• Opportunities and promotion prospects.

Dräxlmaier