The department Group Information Security ensures that information and all supporting processes of the company are reasonably protected to protect the company against significant damages and to ensure the compliance with legal, regulatory and contractual requirements.
You will support the Group Information Security department in the analysis of information security risks and with the subject areas of Policies and Organisation, Compliance and Human Resources Security.
– Identification, evaluation and tracking of information security risks in complex operative IT systems
– Participation in projects and ensuring that all security risks in these projects are identified, evaluated and that recommended controls are implemented
– Cooperation with internal and external units of the group, for example data protection officers, compliance officers and service providers
– Consultation of the departments and the management in all questions concerning information security
– Adjustment of internal processes and standards with legal and regulatory requirements
– Support in the development of security policies and standards
– Development and realisation of internal training measures regarding information security
– University degree (Master or diploma) in IT or business informatics
– Distinctive experience and knowledge of methods and procedures in the information security sector with according exams
– Excellent analytical skills and experience to understand, structure and prepare/ explain complex topics
– Team orientation and strong communication skills
– Very good IT skills
– Knowledge of legal and regulatory general conditions and requirements in financial industry, for example BSI basic protection, ISO 27001, COBIT
– Fluency English (spoken and written). German will be considered as an added value.