Information Security Manager at NVISO enhancing clients' cybersecurity posture through strategic management and consulting. Collaborating closely with clients and leading a team of CISOaaS/GRC consultants.
Responsibilities
Lead and manage a team of CISOaaS/GRC consultants to deliver high-quality services to clients
Collaborate closely with clients to understand their business objectives, risks, and specific security requirements
Assess clients' security maturity (using ISO, BSI or NIST standards) to identify gaps and areas for improvement
Develop and implement a fit-for-purpose security program aligned with industry standards
Act as the security champion for client engagements, promoting a security-first mindset
Oversee and support implementation of the security program, including policies, procedures, and controls
Provide management updates on the overall ‘state of security’ for client organizations
Convene steering committees with relevant stakeholders to guide and adapt the security program as needed
Actively participate in the sales process by drafting and presenting Statements of Work, project plans, and project requirements for work carried out by your team
Perform technical account management duties for select top-tier, strategic clients
Requirements
Eligible for NATO clearance
Bachelor’s degree in Business Administration, Information Security, or a related field
Professional certifications such as CISA, CISSP, CISM, ISO 27001 Implementer/Auditor or equivalent are strongly preferred
Proven experience as a CISO and/or in successfully implementing ISO 27000 series or BSI IT-Grundschutz for clients
In-depth knowledge of relevant industry standards and frameworks, such as ISO 27001, DORA, NIST, NIS-2, GDPR, etc.
Familiarity with risk management methodologies and their application to cybersecurity
Excellent written and verbal communication skills in English and German to convey complex concepts to technical and non-technical stakeholders
Strong leadership skills with experience managing teams and collaborating with clients and cross-functional teams
Benefits
Training budget of €10,000 plus 10 days of paid development leave (rolling over two years)
Work with and learn from leading experts in the European cyber security community
Several SANS instructors on staff and representation at major security conferences (Black Hat, BruCON, OWASP, etc.)
Information Security professional managing governance, audit, and compliance in banking domain. Collaborating across teams to enhance security posture and control effectiveness.
IT Security Manager providing operational leadership for ICBC’s IT security program. Enhancing cyber security practices and managing security initiatives in a dynamic, hybrid cloud environment.
Security Officer ensuring safety and security of Yankee Candle assets and personnel. Responsibilities include monitoring, patrols, incident response, and safety training at the corporate campus.
Senior Specialist in Information Security Governance, Risk & Compliance at Cellulant, driving information security, privacy, and compliance standards within BFSI context.
Cloud Security & Application Security Engineer at Cellulant enhancing security across cloud-native platforms and applications. Working in a hybrid role to support a leading payment service provider in Africa.
IT Audit Consultant joining Baker Tilly to manage technology risks for clients, offering strategic advice and audit support. Engaging with client executives to ensure compliance and operational efficacy.
Senior Health and Safety Advisor overseeing health and safety on construction projects for Aecon. Ensuring compliance with SST legislation and promoting zero accident culture.
Senior Information Security Specialist executing Daikin Europe’s Information Security strategy. Collaborating with leadership to ensure our systems and services remain secure and compliant with regulations.
Experienced Information Security Officer at Daikin responsible for defining Information Security strategy and ensuring compliance with regulatory frameworks. Collaborating with external specialists and mentoring junior team members in EMEA.
Security Specialist ensuring the protection of company and government assets. Conducting daily security functions and providing technical support while maintaining compliance with regulations.