Regional Information Security Officer managing security protocols and compliance for KARL STORZ. Leading local ISOs and enhancing information security measures across subsidiaries.
Responsibilities
Communication & Mentoring: Direct collaboration and coaching of local ISOs to identify responsibilities and inefficiencies in information security across subsidiaries and within the ISMS.
Feedback & Improvement: Gathering feedback from local ISOs on improvement opportunities within the KSSF, the risk management methodology, and supporting security processes, and enabling ISOs to maintain a risk management process for their region.
Reporting & Budget: Managing the communication of information security reports between subsidiaries and the global information security organization, and reporting KPIs, KRIs and OPIs to relevant stakeholders for budget planning and financial forecasting.
Incident Response: Supporting local ISOs in managing incident response processes to detect, alert and contain security incidents, and maintaining effective regional cyber crisis management procedures.
Compliance & Control: Collecting, assessing and reporting on subsidiaries’ compliance with KARL STORZ information security requirements, and tracking the implementation of security controls in line with global security standards.
Training & Awareness: Ensuring appropriate training and awareness content for employees and users, and reviewing and approving online trainings, instructor-led courses and workshops within the region.
Requirements
Minimum of 10 years of professional experience in information technology, audit and/or compliance, including at least 5 years in information security
Bachelor’s degree or equivalent professional experience
Certifications such as CISSP, CISM, CRISC, PMP, CISA or GSLC, and demonstrated experience implementing ISO 27001, including all phases of the certification process
Expert knowledge of EU and US standards in cyber and information security
Strong knowledge of the ISO 2700X series and a solid understanding of the NIST Cybersecurity Framework
Knowledge of HIPAA / HITRUST is an advantage
Understanding of the different cultures across Europe and the ability to communicate cyber and information security recommendations in a factual and respectful manner
Ability to solve complex problems creatively, together with a high level of integrity, initiative and motivation
High resilience and knowledge of methods to promote mental health
Excellent written, verbal and interpersonal communication skills in English for interacting with employees at all levels
Willingness to travel (domestic and international) and confident driving skills for business travel
Benefits
Flexible working hours & remote work: In many areas, working time and location can be adapted as needed
30 days of vacation plus various special payments
Training & development: open in-house seminar program, extensive e-learning offerings, professional development and more
Corporate Benefits discounts and bike leasing
Contribution to private pension plans and company health management
Various childcare options – available at the headquarters in Tuttlingen
Health, sports, cultural and leisure offerings – available offerings vary by location
Senior Cybersecurity Scrum Master focusing on release management at AT&T, collaborating across teams and managing production change requests with an Agile mindset.
BISO responsible for planning and executing enterprise-wide information security initiatives at Elsevier. Driving cybersecurity awareness and managing technical risk assessments for organizational improvements.
Develop innovative Cloud architectures on Microsoft Azure platforms. Secure cloud infrastructure and applications against various threats while working in a project team.
Mid-level Physical Security Analyst at Hershey Brasil, responsible for physical security support and management of security services. Will work on compliance and crisis management in São Roque.
CISO managing information security and privacy governance at Puzzel, a leading cloud-based contact center provider in Europe. Engaging with stakeholders for compliance and risk management.
Manager of IT Support & Endpoint Security overseeing service desk operations and endpoint security strategies. Leading a team to deliver high-quality technical support and manage IT security policies.
Senior Security Officer responsible for security and safety duties in acute care settings. Providing armed presence and response, coordinating with law enforcement as required.
Security Officer overseeing sensitive information protection and compliance with regulations. Collaborating with internal teams to ensure security policy implementation and risk management under EU standards.
Technical consultant addressing information security risks for USAA and guiding strategic security direction. Leading peers in assessing security strategies and educating on best practices.