Pole Information Security Officer, Mannheim
Vi
full-time
Posted on:
Location Type: Office
Location: Mannheim • 🇩🇪 Germany
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
CloudCyber SecurityITSMTypeScript
About the role
- Establish, maintain and further develop the ISMS within VINCI Energies' SQUI system
- Ensure implementation of the ISMS strategy and policies in accordance with ISO/IEC 27001, BSI IT-Grundschutz and applicable legal requirements
- Continuously improve the ISMS, taking into account IT, OT and cloud infrastructure as well as IT service management (ITSM)
- Advise management, executives and employees on all matters related to information security
- Report and track information security incidents
- Support risk and business impact analyses (BIA) and assist in preparing emergency, recovery and restoration plans
- Review the currency and effectiveness of IT emergency and business continuity plans
- Plan, conduct and follow up on security exercises and penetration tests in cooperation with quality, safety and BCM officers
- Perform risk, threat and vulnerability analyses in IT/OT/cloud projects
- Assess the maturity of the ISMS, including effectiveness checks of corrective and preventive actions (CAPA)
- Conduct and coordinate internal and external audits and assessments
- Provide regular written reports to executive management on the status of information security
- Prepare management reports and recommendations as part of management reviews
- Document and track all relevant information security measures
- Promote information security awareness and a cybersecurity culture across the company
- Support management in liaising with external bodies (authorities, police, BSI, customers)
Requirements
- Degree in Computer Science, IT Security, Business Informatics or a comparable qualification
- Several years of professional experience in information security, IT risk management or IT compliance
- Solid knowledge of ISO/IEC 27001, BSI IT-Grundschutz and relevant legal requirements
- Analytical thinking, strong communication skills and assertiveness
- Familiarity with IT/OT/cloud architectures and IT service management processes
- Certifications such as CISM, CISSP, ISO 27001 Lead Implementer/Auditor or equivalent are an advantage
- Excellent German language skills, written and spoken
- Good English language skills, written and spoken
Benefits
- Work in an open, friendly and collegial team with a wide range of responsibilities
- Use of modern, high-quality technologies and systems such as Office 365, SharePoint (online), Cloud, Teams (phone system), etc.
- We foster an open, communicative corporate culture with continuous knowledge sharing
- Exciting projects and new challenges in an international company
- Support for professional development, further training and expansion of technical expertise
- Opportunity to actively shape and improve processes
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
ISMSISO/IEC 27001BSI IT-GrundschutzIT service managementrisk analysisvulnerability analysispenetration testingbusiness impact analysiscorrective and preventive actionsinternal and external audits
Soft skills
analytical thinkingstrong communication skillsassertiveness
Certifications
CISMCISSPISO 27001 Lead ImplementerISO 27001 Auditor