Group IT Security Consultant
Job description
Developing one of the most efficient heat pumps on the market. And turning the lights on only when needed. Both count. Both are us.
- You will align and drive application security across Group IT-managed and internally developed applications, collaborating closely with interdisciplinary development teams to ensure a secure end-to-end lifecycle
- Your responsibilities will include managing regulatory compliance activities for NIS2, the Cyber Resilience Act and ISO/IEC 27001, enabling our organisation to meet high standards of cyber resilience with confidence
- By creating technical concepts and solution designs, you establish robust Application Security Architecture practices, including Secure Software Development Lifecycle, Static and Dynamic Application Security Testing and Software Composition Analysis
- After analysing and evaluating business requirements, you take decisions and conduct security assessments with a special focus on Identity and Access Management, ensuring secure Role-Based Access Control, Multi-Factor Authentication, Identity Federation and Privileged Access Management
- Together with Group IT teams, you define and implement API and service security standards, leveraging OAuth 2.0, OpenID Connect, JSON Web Tokens and Mutual Transport Layer Security to protect critical interfaces
- Your responsibilities will include contributing to vulnerability and patch management processes, threat modelling (STRIDE) and risk assessments (MITRE ATT&CK), shaping an environment that continuously evolves to counter emerging risks
Requirements
- Qualification: You have a degree in business administration, computer science, or a comparable qualification
- Experience: You bring practical experience in Application Security Architecture (Secure SDLC, SAST, DAST, SCA), Identity and Access Management and regulatory compliance (NIS2, CRA, ISO/IEC 27001 Annex A), enabling you to contribute effectively from day one
- Know-how and skills: You demonstrate strong know-how in API and service security (OAuth2, OpenID Connect, JWT, mTLS) and apply secure-by-design principles when guiding teams and shaping technical solutions
- Nice to have: You ideally bring additional knowledge in threat modelling (STRIDE), MITRE ATT&CK, secure CI/CD integration (pipeline hardening, automated code scanning) or vulnerability and patch management processes
- Personality: You are characterized by analytical thinking, a collaborative and structured work style and the ability to explain complex topics in an empowering and approachable way
- Language skills: You speak fluent English and feel comfortable in an international environment; German language skills are an advantage.
Benefits & conditions
- Hybrid Work: We offer our employees the opportunity to work on a hybrid basis. There is also the option to temporarily work from a country within the European Union
- Salary: We offer an attractive remuneration package in accordance with the NRW IG Metall collective wage agreement, including vacation pay and Christmas bonus.
- Onboarding: Our clearly structured onboarding process, including an Onboarding App, enables us to integrate new employees into Vaillant Group quickly and in a targeted manner
- Health management: We offer comprehensive preventive health counseling & measures
- Individual development: Our development programs "GROW, EVOLVE, LEAD and EXCEL" prepare you for the next step in your career
About the company
The Vaillant Group is one of the global market and technology leaders in heating, ventilation and air-conditioning technology.
Become one of 16,000 colleagues from more than 70 nations who work every day towards the vision of a better climate, for people at home and for the environment. In large, innovative and strategic projects. And with small gestures that everyone can contribute in everyday life. Act globally, work globally. And become part of a global team, because we sell our products in around 60 countries and have 10 production and development sites in six European countries and China.
With us, you take tangible responsibility for the future: your own and that of our planet. We offer you excellent conditions for this.