Information Security Manager

Welcome to ZEISS - a company that combines innovation and responsibility! Our corporate functions are diverse and make a decisive contribution to the strategic orientation and sustainable success of ZEISS.

Corporate Information Technology (CIT) is the central part of the company's strategy, developing and implementing innovative security solutions to enhance efficiency and competitiveness in the Carl Zeiss Group. By working closely with various business units, CIT ensures that technological advancements and digital transformations are seamlessly integrated into business processes.

Your role

Aa an Information Security Manager you take over ownership and steering of complex domains and activities on a global scale. As domain responsible, the Information Security Manager is steering a dedicated InfoSec domain in line with corporate and business InfoSec demands and objectives.

• Take over ownership for a dedicated cross-functional InfoSec domain and drive the development of the area of responsibility globally
• Contribute to risk management by identifying and assessing InfoSec risks related to the field of responsibility and define and propose mitigating actions
• Develop the domain-specific strategy and roadmap by proposing long-term goals in alignment with other InfoSec domains and the corporate and business InfoSec strategy
• Handle incoming requests and requirements as the first point of contact for the dedicated InfoSec domain and drive InfoSec programs, initiatives and projects according to aligned priorities and objectives
• Engage with stakeholders across the organization to ensure the alignment of InfoSec goals, priorities and initiatives
• Lead and orchestrate security (project) teams and provide guidance for less experienced staff members

• Apprenticeship, studies or professional education in Information Security Management, Business Administration, Corporate Governance, Management, IT, Engineering or a related discipline (Bachelor's or Master's degree) or an equivalent mix of education and professional experience.
• Several years of professional experience in a field related to IT-, Information- or Cyber Security, e. g. Information Security Management, ISO 27001, Information Security KPIs, Information Security Incident Management.
• One or more relevant and current information security certifications from an established organization (such as ISACA, ISC2, CompTIA, EC-Council, GIAC, OffSec or vendor-specific certifications).
• Knowledge and experience in managing and driving information security projects across multiple stakeholders in a global business environment.
• Ability to solve complex tasks and problems, applying innovative thinking
• Ability to work in a structured and independent way and to correlate technologies, understand complex environments, business requirements
• Ability to interact with fellow employees, stakeholders, incl. functional peer group managers, involving matters between functional areas, other company divisions or units
• High level of personal resilience and self-driven, results-oriented approach to work
• German (fluently) OR English (fluently), other languages of advantage

ZEISS is technology, optics and innovation. We develop, manufacture and sell highly innovative products and solutions for our customers in a variety of business fields. As one of the world’s top technology companies with a portfolio aligned with future growth areas like digitalization, healthcare and Smart Production, and a strong brand to boot, ZEISS is shaping the future far beyond the optics and optoelectronics industries. The company’s significant, sustainable investments in research and development lay the foundation for the success, continued expansion and market leadership.