Governance: Be able to develop and maintain information security policies and procedures as an the core of an ISMS
Risk Management: Be able to coordinate gap analysis, information security assessments and risk assessments and derive actionable measures
Compliance: Advise on best practices, standards and frameworks depending on the industry and client needs; be up to date with the legislative local and international landscape in terms of new or updated information security/cyber security laws and regulations and be able to respond to queries about compliance with these
Awareness: be able to design an information security awareness program including but not limited to phishing and training campaigns, situations awareness, physical security, etc.
Coordinate documenting results upon cyber security posture assessments, vulnerability assessments
Monitor and validate the implementation of the required security measures and technologies in the relevant projects/clients.
Recommend tools/technologies and processes that would improve cyber security effectiveness and efficiency be able to define or if already in place, report GRC KPIs
Support security strategies tailored to customers business requirements and their timely implementation
Flexible work (remote, hybrid), which might include business trips, depending on the projects
Your qualifications:
Relevant experience in the fields of information security, cyber security, IT/OT
Very good working knowledge of security practices and frameworks such as ISO27001 (and the series related to privacy and cloud), NIST SP-800 series, COBIT, ITIL, risk management
Good understanding of IT infrastructure and applications landscape
Certifications of benefit: ISO27001 Lead Auditor or Implementor, CISSP, CCSP, CISM, CISA
Very good (verbal and written) German and English language skills
Very good communication and organizational skills
Ability to express ideas clearly, concisely, logically, and persuasively both verbally and in writing
Problem-solving and teamwork skills
Adaptability to international environments and cultures
All applications will be treated in strict confidentiality
Please note that only shortlisted candidates will be invited to an interview