Senior Information Security Manager (m/f/d) in Oberkochen at ZEISS Group
Your Role
The InfoSec Certifications and Governance team is responsible for developing, implementing, and maintaining the ZEISS Information Security Program within the ZEISS Information Security Organization. The ZEISS Information Security Program is aligned with well-known international frameworks and standards and considers requirements from all business functions across the ZEISS group as well as regulatory requirements. Furthermore, the team’s responsibilities include Governance, Risk and Compliance Management, Information Security Audit Management, and ISMS operation. As Senior Information Security Manager, you will contribute to the further development and operation of the ZEISS Information Security Program in areas such as the ZEISS Information Security Management System Process, the ZEISS Policy Framework, Information Security in Supplier Relationships and Prototype Protection.
You will
- Define, develop and review information security policies, procedures, guidelines, forms and templates together with the related Subject Matter Experts
- Recommend and develop measures to ensure compliance with ISO 27001 as well as other applicable information security requirements and frameworks
- Work on Information Security Risk Assessments and Analysis to make sure appropriate measures are taken to treat identified Information Security Risks
- Further develop and implement Information Security Auditing across all ZEISS legal entities and locations together with the responsible Regional and Business Information Security Officers
- Support communication of all matters relating to the ZEISS Information Security Program into all Businesses and Regions
- Work on further development of the ZEISS GRC tool
- Shape the Information Security posture of ZEISS globally and in a sustainable way with the ability to bring your ideas to life
- Be part of a dynamic and motivated team with a passion for Information Security consisting of people of all different experience levels and personalities
Your Profile
- Apprenticeship / professional education / studies in the field of Information Security (Bachelor's or Master's degree) or equivalent combination of education and working experience
- >4 years of professional experience in a field related to IT or Information Security, e.g. Information Security Management, ISO 27001, Information Security KPIs, Information Security Incident Management
- Initial experience with successful projects related to ISO 27001, Information Security Auditing, and creating and supporting the implementation of policy frameworks on a global scale in complex environments
- Ability to work in a structured and independent way
- An analytic personality, including the ability to solve complex tasks and problems by applying innovative thinking
- A stakeholder manager who brings a hands-on mentality as well as a goal-oriented mindset
- Fluent English or German language skills
- French, Spanish or other languages are an advantage
Your ZEISS Recruiting Team:
Stefan Schmid