OT Security Consultant improving security for operational technology and industrial control systems. Collaborating with clients to enhance their OT security posture and governance in critical infrastructure.
VK
Hybrid Manager, Cyber Security – Regulatory Compliance
Posted 1 hour ago
About the role
- Manager in Cyber Security & Regulatory Compliance overseeing IT security and compliance processes at C.H.BECK, a longstanding media group. Engaging in risk management and collaboration across departments.
Responsibilities
- Establish, operate and continuously develop a group-wide ISMS in accordance with ISO/IEC 27001:2022 and ISO/IEC 42001
- Introduce and enhance structured and partially automated compliance processes, e.g., for evidence collection, controls and audit preparation
- Integrate regulatory requirements (DORA, EU AI Act, NIS2, GDPR) into existing compliance structures
- Prepare, coordinate and support internal and external audits, with a focus on automation and reduced documentation overhead
- Maintain the risk and asset registers and perform standardized risk assessments in IT, AI and project contexts
- Implement AI governance according to ISO/IEC 42001 and establish AI risk management across the entire lifecycle
- Implement the requirements of the EU AI Act for high‑risk AI systems
- Implement requirements for IT risk management, business continuity, disaster recovery and incident management in line with legal and regulatory obligations
- Develop, harmonize and maintain group‑wide security policies
- Work closely with IT, Legal, Data Protection, Procurement, Sales and external auditors, and prepare regular management reports
Requirements
- Degree in Business Law, IT Law, Law & Compliance or an equivalent qualification
- Relevant professional experience in IT law, data protection, compliance, regulation, or in interface roles between Legal and IT
- Strong knowledge of relevant standards and regulations, in particular: ISO/IEC 27001, ISO/IEC 42001, GDPR, EU AI Act, DORA, NIS2
- Documented further training in information security, ideally as an ISO/IEC 27001 Practitioner, Lead Implementer or Lead Auditor
- Experience analyzing regulatory requirements, producing compliance documentation and supporting internal and external audits
- Excellent communication skills and a confident presence with auditors, business units and management
- Structured, independent and solution‑oriented working style with strong analytical skills
- Excellent German and English language skills
- Advantageous: experience with GRC/TPRM tools (e.g., OneTrust, Vanta, Drata)
Benefits
- Sports and health programs — cooperation with EGYM
- Flexible working arrangements: 37.5 hours/week full-time with flextime and home office
- After-work beer, internal staff trade fair, summer and winter company events
- Travel and lunch allowances, parking with e-charging infrastructure, book discounts & much more!
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Cloud Security Engineer responsible for architecting secure cloud application infrastructure at QTS. Drive strategic security initiatives across public, private, and hybrid cloud environments to support growth.
Technical security lead managing security operations for Kong Cloud. Architecting advanced security solutions and mentoring engineers in a fast - paced environment.
Designs cybersecurity systems and frameworks for Navy Federal’s information security strategy. Collaborates with stakeholders, solving complex issues to enhance security architecture.
Werkstudent in process intelligence and information security, supporting various tasks in a hybrid role at Axians in Ulm, Germany.
Internship in Quality Management and Information Security helping with process optimization and data analysis at Axians in Germany.
Support in quality and information security management, optimizing processes in collaboration with departments. Create reports and help maintain documentation ensuring up - to - date records.
Workday Security Consultant serving as bridge between HR functional area and IT for technology solutions. Involves analysis, development, and maintenance of HRIS solutions.
IT Security Architect responsible for building security concepts and enhancing company - wide safety measures. Contributes to reliable global software solutions in an international team context.
Cyber Security Service Performance Manager managing the delivery of cyber security services within TfL. Focusing on service transition, contract management, and stakeholder engagement.