Verlag C.H.Beck GmbH & Co. KG

Manager, Cyber Security – Regulatory Compliance

full-time

Location Type: Hybrid

Location: Munich, Germany

About the role

  • Establish, operate and continuously develop a group-wide ISMS in accordance with ISO/IEC 27001:2022 and ISO/IEC 42001
  • Introduce and enhance structured and partially automated compliance processes, e.g., for evidence collection, controls and audit preparation
  • Integrate regulatory requirements (DORA, EU AI Act, NIS2, GDPR) into existing compliance structures
  • Prepare, coordinate and support internal and external audits, with a focus on automation and reduced documentation overhead
  • Maintain the risk and asset registers and perform standardized risk assessments in IT, AI and project contexts
  • Implement AI governance according to ISO/IEC 42001 and establish AI risk management across the entire lifecycle
  • Implement the requirements of the EU AI Act for high‑risk AI systems
  • Implement requirements for IT risk management, business continuity, disaster recovery and incident management in line with legal and regulatory obligations
  • Develop, harmonize and maintain group‑wide security policies
  • Work closely with IT, Legal, Data Protection, Procurement, Sales and external auditors, and prepare regular management reports

Requirements

  • Degree in Business Law, IT Law, Law & Compliance or an equivalent qualification
  • Relevant professional experience in IT law, data protection, compliance, regulation, or in interface roles between Legal and IT
  • Strong knowledge of relevant standards and regulations, in particular: ISO/IEC 27001, ISO/IEC 42001, GDPR, EU AI Act, DORA, NIS2
  • Documented further training in information security, ideally as an ISO/IEC 27001 Practitioner, Lead Implementer or Lead Auditor
  • Experience analyzing regulatory requirements, producing compliance documentation and supporting internal and external audits
  • Excellent communication skills and a confident presence with auditors, business units and management
  • Structured, independent and solution‑oriented working style with strong analytical skills
  • Excellent German and English language skills
  • Advantageous: experience with GRC/TPRM tools (e.g., OneTrust, Vanta, Drata)

Benefits

  • Sports and health programs — cooperation with EGYM
  • Flexible working arrangements: 37.5 hours/week full-time with flextime and home office
  • After-work beer, internal staff trade fair, summer and winter company events
  • Travel and lunch allowances, parking with e-charging infrastructure, book discounts & much more!

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
ISO/IEC 27001, ISO/IEC 42001, GDPR, EU AI Act, DORA, NIS2, risk assessments, AI governance, IT risk management, compliance documentation
Soft Skills
communication skills, analytical skills, structured working style, independent working style, solution-oriented working style, confident presence, collaboration, coordination, reporting, auditing
Certifications
ISO/IEC 27001 Practitioner, ISO/IEC 27001 Lead Implementer, ISO/IEC 27001 Lead Auditor