Information Security Manager
Emerald Group Ltd
Munich, Germany
6 hours ago
  • Category: Cyber Security
  • Pay Range: €70k - €90k
  • Key Responsibilities:

  • Manage and develop the Governance regarding Security Platforms and Security of defined Group Core Platforms (e.g. Identity and Access Management, Privileged Access, Network, Public Key Infrastructure, Endpoint, SAS BI, SAP) within their lifecycle
  • Ensure proper positioning of Information Security Risk assessments in key processes and services. Steer relevant internal and external staff for governance execution
  • Ensure oversight of (new and outdated) business demand, business and security requirements fulfilment (via central Service Level Agreements, Group Security Charges) and findings (in central risk register)
  • Control and review implementation and trigger improvements (of Security) of Platforms from a technological, procedural and Service Management Organization perspective
  • Control and review platform services through 3rd party and service assessments, regular penetration tests and red team exercises
  • Review security controls in OEs and 3rd parties for platform services
  • Based on review results, trigger the documentation and tracking of findings (in central risk register and related central processes). This includes promoting, monitoring and escalating mitigation measures, projects and platform design improvements

  • Contribute to a Global Information Security Risk Scorecard and provide input to various Risk Committees and governance bodies
  • Other Skills:

  • High quality analytical skills
  • People management experience
  • Excellent interpersonal skills
  • Extensive experience in designing Information Security Risk Management processes and services that can scale in a global, diverse environment
  • Ability to establish relationships across all business areas and act in a consultative manner to identify the risks and security requirements applicable to each business area and to intertwine security needs with the goals and objectives of the organization
  • Ability to interact with a wide range of internal staff members and external professionals, including regulators, consultants, auditors, legal counsel, and others
  • Fluent English mandatory; a good command of German is a clear plus
  • Degree in Computer Science, Physics, Mathematics, Business Information Systems or related field is required. Master’s degree required
  • Professional certifications in Service Management (e.g. ITIL) as well as Information Security and Risk Management (CRISC, CISM, CISSP)
  • 6-10 years of significant, professional experience in information technology (IS) and a high level of understanding of contemporary hardware and software architectures
  • Understanding of best practices (ISO27001 / 2 / 5, ITIL, COBIT, etc.) and information technology security
  • Broad experience in setting and running Information Security Risk governance processes
  • Broad experience in information security risk assessments
  • Broad experience and successful track record of delivering large IT projects and IT Service Operations, ideally with strategic and international scope
  • Successful track record of delivering IT projects and IT Service Operations and Delivery in large and diverse international organizations
  • Knowledge of Service Management and Governance, Risk and Compliance (GRC) tools
  • Knowledge of Risk Assessments in Services, Digital Forensics and Penetration Testing