Principal Information Security Manager (f/m/x)

COMPANY DESCRIPTION About the DOUGLAS Group The DOUGLAS Group, with its commercial brands DOUGLAS, NOCIBÉ, Parfumdreams and Niche Beauty, is the number one omnichannel premium beauty destination in Europe. The DOUGLAS Group is inspiring customers to live their own kind of beauty by offering a unique assortment online and in around 1,900 stores. With unparalleled size and access to customers, the DOUGLAS Group is the partner of choice for brands and offers a premium range of selective and exclusive brands as well as own corporate brands. The assortment includes fragrances, color cosmetics, skin care, hair care, accessories as well as beauty services. Strengthening its successful omnichannel positioning while consistently developing superior customer experience is at the heart of the DOUGLAS Group strategy “Let it Bloom”. The winning business model is underpinned by the Group’s omnichannel proposition, leading brands, and data capabilities. In the financial year 2023/24, the DOUGLAS Group generated sales of 4.45 billion euros and employed around 19,200 people across Europe. It was named the World’s Top Company for Women in 2025 among all retail and wholesale companies by Forbes. The DOUGLAS Group (Douglas AG) is listed at the Frankfurt Stock Exchange. For further information please visit the DOUGLAS Group Website. TASKS WITH IMPACT Shaping a comprehensive information security strategy aligned with DOUGLAS\‘ operational and organizational goals Leading key security initiatives and foster a proactive security culture throughout the company Managing and continuously improving technical safeguards to protect data, applications, and infrastructure Collaborating closely with IT security, product management, and other departments to ensure secure development and operations Performing regular risk assessments, vulnerability analyses, and security drills to detect and mitigate potential threats early Ensuring compliance with regulatory requirements such as GDPR and relevant ISO standards Establishing and further develop security policies, standards, and processes across the DOUGLAS Group Advising senior leadership on strategic decisions related to information and cyber security YOUR SKILLS A university degree in (business) informatics or a comparable field of study At least two years of experience in information security, ideally with a focus on strategic security projects Strong knowledge of regulatory frameworks such as GDPR, EU AI Act, EU Data Act, and NIS 2 Hands‑on experience with ISO standards including ISO 22301, ISO 9000, ISO 31000, and ISO 20000 Practical know‑how in incident management, risk assessments, and the development of security awareness programs Certifications such as CISSP, CISM, or equivalent are a plus Strong communication skills in both English and German – written and spoken YOUR BENEFITS 🚀 Your personal development: we want you to grow with us. Become part of our mentoring program, use our e-learning platforms and benefit from many other individual development opportunities. ✔️ Open feedback culture: half-yearly meetings & performance reviews (#DOUGLASDialogue) 🌴 30 days of vacation per year 📍 Would you like a hybrid working model? We offer a balance between mobile working and office days in a collaborative environment. (approx. 8 days/month) 🍒 Cherry on top: You get our employee discount both online and in-store. On top of that, you get further discount opportunities thanks to our corporate benefits. 🧃 In-house canteen & bistro, as well as free drinks 🎉 A positive and motivating environment & celebrating successes at regular company events such as DOClub, summer party, Women\’s Day, etc DO YOU RECOGNIZE YOURSELF? Then become part of our international company and apply, stating your salary expectations and possible starting date. As an international employer, we stand for equal opportunities and diversity. We therefore welcome applications from mothers, fathers, people with disabilities and people from the LGBTQIA+ community. Please let us know if, for example, we should use a gender‑neutral pronoun, if you need barrier‑free access to our offices or if we should allow more time for the application process. We look forward to hearing from you! #J-18808-Ljbffr