About the role

Business Continuity and Cybersecurity Awareness Manager at ZEAL, leading BCM and cybersecurity training initiatives. Ensuring resilient operations and fostering secure behavior across teams.

Responsibilities

Develop and own ZEAL’s BCM strategy, policy, and governance framework (aligned with ISO 22301)
Lead the Business Impact Analysis (BIA) to identify critical processes and dependencies
Define and maintain Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) for critical systems
Collaborate with Engineering, Corp IT, and Business units to integrate HA and DR requirements into technical and operational designs
Plan and conduct BCM and DR tests, exercises, and simulations to validate organizational preparedness
Develop and maintain ZEAL’s Crisis Management framework, including roles, responsibilities, playbooks, and escalation paths
Ensure alignment between BCM, Information Security, Risk Management, and Compliance—especially within the ISO 27001 framework
Continuously improve the BCM program through metrics, lessons learned, and maturity assessments
Prepare regular updates, reports, and presentations for senior management and the Audit Committee
Design, implement, and manage ZEAL’s cybersecurity training and awareness program
Develop and deliver security training campaigns, phishing simulations, workshops, and internal communications
Partner with People & Culture, IT, and Communications to embed security awareness into onboarding and ongoing education
Measure and evaluate training effectiveness through engagement metrics, phishing performance, and feedback surveys

5+ years of experience in Business Continuity Management, Disaster Recovery, or Operational Resilience
Hands-on experience establishing or scaling a BCM function
Strong understanding of ISO 22301, ITIL Continuity Management, and risk-based resilience approaches
Technical understanding of infrastructure resilience, cloud environments, and HA/DR concepts
Experience conducting BIAs, continuity planning, crisis exercises, and simulations
Background in designing, delivering, and evaluating security awareness programs and phishing simulations
Excellent stakeholder management, communication, and presentation skills
Ability to collaborate effectively across technical and non-technical teams
Ability to translate business needs into technical requirements
Certifications such as CBCI, MBCI, ISO 22301 Lead Implementer, or DRII (nice to have)
Experience in regulated or high-availability sectors such as finance or e-commerce (nice to have)
Knowledge of crisis communication and emergency management principles (nice to have)
Familiarity with AWS and resilience in cloud-native environments (nice to have)

A modern, dynamic culture grounded in the success of a leading-edge e-commerce company.
A talented team of ambitious, like-minded colleagues where your knowledge and ideas truly make an impact.
Ongoing personal growth, supported by an annual development budget of €1,500 to invest in your professional development.
Trust and autonomy, no micromanagement, just confidence in your ability to deliver and excel.
Flexible work options with a hybrid setup focused on results.
Unlimited vacation days in addition to your yearly 30-day vacation allowance.
Opportunity for workations abroad using our WorkFlex tool.
Monthly mobility allowance of €30 to use on the mobility option of your choice (e.g., the Deutschlandticket), plus access to a company bike leasing program.
Company pension scheme, provided in partnership with Degura, to support your future financial security.
Subsidized EGYM WELLPASS membership, with a contribution of only €25 per month, giving you access to a wide range of gyms and sports options across Germany.
Quarterly company events, along with regular team activities and informal gatherings, a favorite being our Healthy Tuesday lunches or Treat Thursdays in the office!