Job Description: Cyber Security Compliance and Assurance Manager
Main Tasks:
- Ensuring Compliance with Security and Regulatory Requirements: Monitor and assess adherence to legal, regulatory, and internal requirements in information security and data protection.
- Conducting Audits and Assessments: Plan, coordinate, and execute internal and external audits as well as risk and compliance assessments to identify vulnerabilities and areas for improvement.
- Consulting and Training: Support business units and employees on compliance and security topics and raise their awareness; conduct awareness training sessions.
- Risk Management: Identify, assess, and track risks related to information security and compliance; develop and implement risk mitigation measures.
- Reporting and Communication: Prepare compliance status reports and communicate results and recommendations to management and relevant stakeholders.
- Collaboration with Internal and External Partners: Work closely with IT, data protection, legal, internal audit, as well as external auditors and authorities.
- Preparation and Support of Certifications: Assist in the preparation and execution of certifications (e.g., ISO 27001, TISAX) and ensure ongoing compliance with requirements.
- Continuous Improvement: Analyze incidents, derive lessons learned, and continuously enhance compliance and security processes.
Minimum Education and Qualification Requirements for the Position:
- Degree in IT, business informatics, engineering, or a comparable qualification.
- Several years of professional experience in information security, compliance, audit, or risk management.
- Knowledge of relevant standards and legal requirements (e.g., ISO 27001, GDPR, NIS2).
- Analytical thinking, strong communication skills, and assertiveness.
- Certifications such as CISA, CISM, CISSP, or ISO 27001 Lead Auditor are an advantage.