Group Information Security Manager (m/f/d)
Company: Vaillant GmbH
Location: Germany
Brand: Vaillant Group
What makes us special
- Remote Work: We offer our employees the opportunity to work up to 70% of their working hours on a mobile basis. In addition, they can work up to 30 days a year from a country in the European Union.
- You will work in a fast-growing, agile and very dynamic team that challenges established routines and helps transform the Vaillant Group into a data-informed business.
- The compatibility of work and family is also important to us; therefore, we offer flexible working hours. Our employees organize their working hours individually in consultation with their colleagues and management so that family and career can be individually harmonized.
- We offer our employees in Germany an attractive remuneration package in line with the NRW IG-Metall collective agreement, including holiday and Christmas bonuses.
What we achieve together
- In this responsible position, you will assess the Vaillant Group's information security risk landscape and advise on the development of strategic decision papers for information security and the cyber security program.
- Supporting the CISO in the implementation of the information security strategy with a focus on risk management complements your area of responsibility.
- In an international environment, you will be responsible for the planning, development and management of Group-wide information security risk management.
- The identification, assessment and management of information and cyber risks as well as protection needs analyses and the submission of key figures and reports round off your portfolio.
- You evaluate and monitor risk management activities as well as internal and external audit findings and coordinate residual risks and mitigation plans with stakeholders to ensure compliance with Group guidelines.
- As a central point of contact and expert, you will be responsible for conducting regular risk analyses and reporting to key stakeholders.
- You will analyse organizational and technical information security measures and take the lead in maintaining and improving information security guidelines and standards.
What makes us successful together
- Qualifications: Successfully completed Bachelor's or Master's degree in engineering, IT security, computer science or business administration with a corresponding focus. Further training and certificates in information security are desirable (CRISC, CISM, CISSP, CISA, ISO 27001 Lead Auditor).
- Know-how: Several years of professional experience in information security, risk management, governance, compliance as well as experience in project management.
- Experience with common information security standards (ISO 27001, IEC 62443, NIST).
- Experience in leading the development and implementation of information security policies, procedures and guidelines to ensure compliance with relevant policies, laws and standards (NIS2, CRA).
- In-depth knowledge of information security risk management as well as risk management, remediation and reporting.
- Personality: You are characterized by a high affinity for numbers, shareholder management, a thirst for knowledge and a strong assertiveness.
- Work style & language: Reliable, precise, independent and goal-oriented work style as well as adequate communication in fluent English & German.
We promote equity and do not tolerate any form of discrimination. We value the uniqueness of each individual and encourage all people to apply.
Your Contact:
Michelle Kannler
+49 2191 18 2601
We care about our planet and aim to work carbon-neutrally; for this reason, we can only accept online applications.
Let's save the environment together and eliminate paper applications.
Contact person:
Vaillant Group HR Team