Jobsuche > Düsseldorf > Information security

Business Information Security Officer (BISO)- m/f/d

METRO Digital
Düsseldorf, North Rhine-Westphalia, Germany
Diese Stelle ist in deinem Land nicht verfügbar.

Job Description

How will you make an impact?

The purpose of the role is to ensure that the proper governance is in place in the respective local entity to align the information security strategy with our business strategy and to support the respective local entity to implement the needed organizational and technical measures to manage risks and regulatory obligations and to increase the overall level of maturity in regards of Information Security.

The role is directly exposed to local management to support and advise them on Information Security related topics. The role is closely collaborating with the CISO organization and provides critical insight and advice to shape, refine, and continuously improve the Information Security Strategy at METRO.

The role is actively managing the relationship to local cybersecurity agencies (if needed) and might contribute actively to the local / national Information Security community.

In case of a severe incident the role works closely with the local management and the CISO organization to coordinate the response and make informed decisions.

Your Responsibilities :

  • Implement and adapt the METRO AG ISMS to secure the adherence of the local organization and partners to METRO AG ISMS, guidelines and requirements related to Information Security;
  • Plan and coordinate the execution of IT and IS risk assessments (including Third-party risks);
  • Develop and implement yearly action plan to reduce risks level and increase maturity level aligned with METRO continuous improvement process and ambitions set by METRO AG Board;
  • Develop and execute awareness campaign and targeted training for all business functions in the local organization;
  • Report IT and IS related information (risks, incidents, and KPIs) to the CISO organization;
  • Oversee and coordinate incident response crisis management in relation to information security in collaboration with the CISO organization at METRO AG;
  • Support the Legal department with evaluation of relevant information security local laws and regulations;
  • Collaborate with the local Data Protection Officer (DPO) and Local Security Officer (LSO) to define, manage and improve relevant interfaces;
  • Perform local Information Security assurance reviews (pen-testing, etc.)
  • Manage the contact with local cybersecurity agencies (if needed) .

Qualifications

Required key competencies and qualifications :

  • You have excellent communication skills and can communicate effectively with people from a wide range of experiences and professional backgrounds;
  • Bachelor’s or master’s degree in information technology / computer science / cybersecurity, business administration, or a related technical discipline;
  • Experience leading the development and implementation of information security policies, procedures, and guidelines to ensure compliance with relevant regulations and standards;
  • Strong knowledge of information security governance, risk management, and compliance principles, practices, and regulations;
  • Have in-depth know-how in management systems, audits, and analyzing vulnerabilities and audit findings;
  • Have in-depth know-how in ISO 27001 or comparable standards;
  • You have solid experience working in an agile environment and that's where you feel at home.

Additional Information

What do we offer at METRO.digital?

Flexible and remote work : create your own schedule!

Flexibility defines the way we work and interact with each other. At METRO.digital, you have the possibility to work remotely and adapt your working hours in a very flexible way.

People development : when you grow so do we!

We want you to become the best version of yourself with individual and company-wide programs and trainings for people development.

Focused among other on development, leadership, appreciation ... it s time to upskill your career.

Support with individual solutions : we are people-caring!

Life is full of surprises, full of challenges and we want to support you whenever YOU need - at an individual level and during every stage of your life.

Want to know more about all our benefits? Discover more here .

Position grade within our career framework : Domain Owner (Md9) .

Vor 28 Tagen
Ähnliche Stellenangebote
Gesponsert
METRO.digital
Düsseldorf, Nordrhein-Westfalen

The purpose of the role is to ensure that the proper governance is in place in the respective local entity to align the information security strategy with our business strategy and to support the respective local entity to implement the needed organizational and technical measures to manage risks an...

Gesponsert
Michael Page
DE

...

Gesponsert
Hypoport hub SE
Düsseldorf, Nordrhein-Westfalen

Die Hypoport-Gruppe steht für Innovation und Fortschritt in der Finanz-, Immobilien-, Versicherungs- und Kreditwirtschaft.Die Hypoport SE (Holding) ist im MDAX gelistet.Die Hypoport hub SE verbindet als eigenständiges Unternehmen die Corporate Functions für die Hypoport-Unternehmensgruppe.Mit agilen...

Gesponsert
MAM Gruppe
Düsseldorf, Nordrhein-Westfalen

Manage information security risk assessments, reporting any potential weaknesses or incidents to CISO leadership. Previous team leadership or management experience relating to information security. Oversee IT governance and implement a robust security strategy that supports organisational objectives...

Gesponsert
Zync.
Germany

Oversee all aspects of information security strategy and implementation. Years of experience within Information Security. BSc or MSc within Cyber Security or a relevant IT field. ...

METRO LOGISTICS
Düsseldorf, Nordrhein-Westfalen

The purpose of the role is to ensure that the proper governance is in place in the respective local entity to align the information security strategy with our business strategy and to support the respective local entity to implement the needed organizational and technical measures to manage risks an...

LyondellBasell Karriere
bundesweit, Germany

Unternehmen der globalen Chemieindustrie, das Lösungen für ein nachhaltiges Leben im Alltag entwickelt....

Deutsche Postcode Lotterie
Germany

Du bist einer unserer Ansprechpartner für Security Audits und Security Zertifizierungen sowie die Verbindung zu unseren Schwesterlotterien bei der gemeinsamen Umsetzung. Du bist verantwortlich für interne Workshops und Trainings zum Thema Security Awarness und aktuelle Entwicklungen der IT-Security....

ERGO Group AG
Düsseldorf, Nordrhein-Westfalen

Sie sind Teil des Information Security Team im Risikomanagement (2nd Line of Defense) und entwickeln das ISMS unter Berücksichtigung regulatorischer und konzernweiter Vorgaben weiter. Fluent written and spoken business language skills in English. ...

ABLE Management Services GmbH Karriere
bundesweit, Germany

Wir als ABLE Management Services GmbH sind der interne Dienstleister der ABLE GROUP.Mit unseren Dienstleistungen gestalten wir das interne Service- und Beratungsangebot für alle Prozesse in der Gruppe.Dabei agieren wir leidenschaftlich, partnerschaftlich und dynamisch....