The Head of Cyber Defence Unit is responsible for the design, implementation, and operation (PLAN, BUILD, RUN) of all technical security solutions and processes. They drive the security vision within IT and beyond, in areas such as production, digital products, and facility management. The HoITSEC acts as the authority for developing and enforcing technical enterprise security strategy, standards, and policies.
The HoITSEC is also a close sparring partner to the Chief Information Security Officer (CISO), aligning Information Security Governance and the technical and procedural adoption of ISMS policies and requirements.
Key Responsibilities:
- Develop and implement the IT Security strategy (covering IT infrastructure, applications, cloud, on-premise) and integrate it into the overall IT strategy.
- Incorporate the IT security strategy into production and R&D strategies.
- Establish a company-wide enterprise IT security architecture.
- Define and enforce technical security standards and operational policies.
- Drive Security by Design in relevant business areas.
- Integrate IT Security into IT processes (IT service management, IT operations management).
- Establish security in projects through security concepts and reviews, overseeing the project portfolio regarding security relevance and priorities.
- Set up processes for security operations, including managing the security operations center / cyber defence center.
- Manage the international IT security organization and its team of security experts.
- Coordinate external IT security suppliers and operators.
- Plan and perform technical and procedural IT Security audits in architecture, engineering, and operations.
- Report vulnerabilities and technical risks to the CIO and CISO.
- Handle security incidents in close cooperation with Information Security Governance (CISO).
- Define and allocate IT skills and resources (FTE) for IT Security.
- Raise awareness of IT Security in target areas (IT Production, R&D Facility).
Ideal Qualifications:
- Bachelor's or Master's degree in Business Administration, Information Technology, or a related field, or an equivalent qualification.
- Industry certifications such as PMP, ITIL, ISO 27001, Agile.
- Additional certifications like CISSP, CISM, SANS GSEC are preferred but not required.
- Minimum 8 years of experience in a large-scale IT environment focusing on security and risk, including 5 years managing security teams.
- Experience leading teams in designing and assessing IT security solutions, preferably in financial services.
- Proven track record in managing complex security projects and crisis scenarios.
- Ability to adapt to the fast-changing IT security landscape and stay updated on new concepts and threats.
- Deep technical knowledge of security technologies (network, cloud, Identity & Access).
- Strong understanding of security standards (ISO 27001, NIST, CIS, GMP).
- Extensive knowledge of enterprise IT Security solutions.
- Experience in Security Monitoring / Security Operations Centre (SOC).
- Ability to adapt to change and continuously develop IT security practices.
- Strong relationship-building and communication skills, capable of translating complex technical concepts into understandable language.
- Excellent written and verbal communication skills in English; German skills are advantageous.
- Experience in regulated industries such as pharmaceuticals, biotech, or healthcare is preferred.
In accordance with our Diversity policy, Evotec considers all applications equally, including those from people with disabilities.
Required Experience: Executive level
Employment Type: Full-Time
Vacancy: 1