Senior Information Security Governance Consultant
At DIGITALL, we don't just deliver technology - we deliver the future! We are explorers, knowledge hunters, tech geeks, problem solvers and game changers who want to inspire and be inspired.
Our DIGITALL employees are always one step ahead: they work with cutting-edge technologies, develop innovations beyond market trends and share a passion for making things better.
People are at the center of what we do, so our teamwork is built on mutual respect and open communication.
This allows everyone to be authentic, voice ideas and unlock their potential. We are proud of our DIGITALL Minds and never stop developing their skills, so that together we can grow beyond what is possible and do what we love.
This is your job:
- Governance: Be able to develop and maintain information security policies and procedures as the core of an ISMS
- Risk Management: Be able to coordinate gap analysis, information security assessments and risk assessments and derive actionable measures
- Compliance: Advise on best practices, standards and frameworks depending on the industry and client needs; be up to date with the local and international legislative landscape in terms of new or updated information security / cyber security laws and regulations and be able to respond to queries about compliance with these
- Awareness: Be able to design an information security awareness program including but not limited to phishing and training campaigns, situational awareness, physical security, etc.
- Coordinate the documentation of results from cyber security posture assessments and vulnerability assessments
- Monitor and validate the implementation of the required security measures and technologies in the relevant projects/clients
- Recommend tools/technologies and processes that would improve cyber security effectiveness and efficiency; be able to define GRC KPIs or, if already in place, report on them
- Support security strategies tailored to customers' business requirements and their timely implementation
Your qualifications:
- 5+ years of experience in the fields of information security, cyber security, IT/OT
- Very good working knowledge of security practices and frameworks such as ISO27001 (and the series related to privacy and cloud), NIST SP-800 series, COBIT, ITIL, risk management
- Good understanding of IT infrastructure and applications landscape
- Certifications: ISO27001 Lead Auditor or Implementer, CISSP, CCSP, CISM, CISA
- Excellent German (verbal and written) language skills; English as a second language is appreciated
- Very good communication and organizational skills
- Ability to express ideas clearly, concisely, logically, and persuasively both verbally and in writing
- Problem-solving and teamwork skills
- Adaptability to international environments and cultures