Business Information Security Officer (BISO)- m / f / d

Today technology is driving the world. At METRO.digital, we are driving the technology for one of the leading international wholesalers specializing in food - METRO. We work on a wide range of products, from e-commerce to checkout and delivery software, to make each day successful for our customers and colleagues. With passion and ownership, we build the future of wholesale.

Are you motivated to create smart solutions for customers around the globe? Do you want to grow in a flexible environment? Let the right career opportunity find you—join us!

How will you make an impact?

The role ensures proper governance in the respective local entity to align the information security strategy with business objectives. It supports the implementation of organizational and technical measures to manage risks, comply with regulations, and enhance the maturity of Information Security.

This position involves direct interaction with local management to advise on Information Security matters, collaborating closely with the CISO organization. It provides critical insights to shape and improve the Information Security Strategy at METRO. The role also manages relationships with local cybersecurity agencies and may contribute to the local/national Information Security community. In case of severe incidents, the role coordinates response efforts with local management and the CISO organization.

• Implement and adapt the METRO AG ISMS to ensure compliance across the local organization and partners;
• Plan and coordinate IT and IS risk assessments, including third-party risks;
• Develop and execute annual action plans to reduce risks and increase maturity levels;
• Create and run awareness campaigns and targeted training for all business functions;
• Report risks, incidents, and KPIs to the CISO organization;
• Oversee incident response and crisis management related to information security;
• Support legal with evaluation of local information security laws and regulations;
• Collaborate with Data Protection and Security Officers to manage interfaces;
• Conduct local information security assurance reviews (e.g., pen-testing);
• Manage contacts with local cybersecurity agencies as needed.

Required key competencies and qualifications :

• Excellent communication skills for engaging with diverse professional backgrounds;
• Bachelor’s or master’s degree in IT, cybersecurity, business administration, or related field;
• Experience in developing and implementing information security policies and ensuring compliance;
• Strong knowledge of governance, risk management, and regulatory principles in information security;
• Expertise in management systems, audits, and vulnerability analysis;
• In-depth understanding of ISO 27001 or similar standards;
• Experience working in an agile environment and feeling at home in it.

What do we offer at METRO.digital?

• Flexible and remote work options: create your own schedule!

We promote flexibility in how we work and interact. METRO.digital offers remote work possibilities and adaptable working hours.

• People development: grow with us!

We support your growth through individual and company-wide programs and training focused on development, leadership, and appreciation. It’s time to upskill your career.

• Support with individual solutions: we care about our people!

Life is full of surprises and challenges. We aim to support you at every stage of your life, whenever you need it.

Interested in more benefits? Find out more about all our offerings.

Position grade within our career framework: Domain Owner (Md9).