Chief Information Security Officer
Job description
- Strategy & Governance: You will develop and be responsible for the information security strategy. In cooperation with the Haniel Group CISO, you will ensure that guidelines, standards and processes are clearly defined, implemented throughout the company and consistently adhered to. You will also ensure the operation and continuous improvement of the ISMS.
- Leadership & Collaboration: You will lead the information security team and work closely with the functions IT, Legal, Compliance, Data Protection and operating units. In addition, you are an active member of the Haniel Group's Information Security Committee. Your goal: to anchor information security in the company in the long term.
- Consulting & Communication: You will regularly inform the management about the status of information security, existing risks, ongoing initiatives and possible vulnerabilities - and give concrete recommendations for action to further strengthen the security situation. In addition, you will report KPIs to the Group CISO on a quarterly basis.
- Incident Management & Risk Management: You will be the central point of contact for critical security incidents, manage the response throughout the company and ensure effective risk management - with foresight, decisiveness and a clear focus on prevention.
Requirements
- Leadership experience & international competence: You have several years of management experience in the field of information security, ideally in an international environment
- Governance, Risk & Compliance: You have in-depth knowledge of Governance, Risk & Compliance and dealing with global standards (e.g. ISO 27001, NIS2, CIS Controls)
- Technical understanding: You have a solid technical understanding of IT security architectures, cloud security, network and identity management as well as cybersecurity platforms
- Crisis management: You have experience in the development of incident response processes and understand how to coordinate structured responses
- Data Analysis & Reporting: You have experience in KPI reporting and combine technical understanding, analytical strength and clear communication with different stakeholders
- Certifications: Certifications such as CISSP, CISM, CISA are a plus
- Language skills: You speak fluent German and English
- Strategic thinking: You plan long-term security strategies and have an entrepreneurial mindset
- Ability to act and assert yourself: You act in a solution-oriented manner, make decisions and convince stakeholders and departments of necessary developments
- Strong communication skills: You can plausibly explain complex technical risks to non-technical stakeholders - also at management level - and work successfully with different cultures
- Resilience: In the event of a crisis, you act calmly, clearly and confidently
- Leadership: You lead teams on an equal footing, build trust internally and develop talent
- Flexibility & collaboration: You act openly and flexibly in dynamic environments
- Accountability & integrity: You take responsibility, make reflected decisions and act with integrity
Benefits & conditions
- Meaningful task: You protect what matters to us - our data, processes and values - and turn security into a competitive advantage
- Top-level influence: You have a direct line to the management and close cooperation with all central areas of the company
- Creative freedom: You will continue to expand the information security organization with strategic relevance
- Modern work culture & flexible working hours: We live a flexible remote policy, open communication and flat hierarchies
- Attractive conditions: We offer a competitive compensation package as well as individual development opportunities