IT & Information Security Risk and Compliance Specialist (m / f / d)

Are you looking for a challenging and rewarding career in the trade sector or will you bring in your passion for the same while developing further personally and professionally? Look no further than METRO! As a leading international food wholesaler, we specialize in meeting the unique needs of hotels, restaurants, caterers, and independent traders. With around 17 million customers worldwide, our multichannel approach allows for easy purchasing both in-store, via online order and via delivery all digitally connected. We operate in over 30 countries, employing more than 93,000 people globally, and our sales reached billion in the most recent financial year, aiming to continue our journey of successful growth.

Job Description

Join us in developing and strengthening an entire department and transforming cybersecurity capabilities on a global scale. If you're committed to making a real impact in the field of Cyber Security, you can #ShapeTheM with us.

Besides an interesting professional environment, we offer you a culture that wants you to thrive and allows to learn from each other:

• We try together, we stumble together, we get up together and shape our future. Be part of our transformation, build cross-functional capabilities and discover new ways of excelling in the Cyber Security field.
• We create impact in the world of food and offer comfort for our customers worldwide. To achieve this, we build capabilities to be the cyber-resilient omni-channel wholesaler.
• We invite you to take on responsibility, make our company your company and create a business together that remains true to its roots but always seeks new solutions.
• Together, we CARRY the M, we GROW the M, we INSPIRE the M, we SHAPE the M.

The purpose of a role is:

proactively identify, assess, and manage IT and information security risks within METRO AG and its entities, which includes developing risk management strategies, guidelines, and frameworks.

• Conduct comprehensive IT and information security risk assessments to identify potential vulnerabilities and threats.
• Contribute to develop and maintain risk management frameworks, guidelines, and standard operating procedures.
• Support the Chief Information Security Officer (CISO) and Business Information Security Officers (BISOs) to integrate IT risk management into the broader information security strategy.
• Monitor and follow-up on risk mitigation efforts & providing guidance and support to METRO entities in implementing effective IT / OT and cyber risk management practices.
• Prepare and deliver risk-related reports and updates.

Qualifications

• Relevant Masters degree in Computer Science, Information Security, or a related field
• Minimum of 3 years of experience in cyber security
• In-depth knowledge of risk management, compliance, and associated frameworks
• Familiarity with common information security standards (ISO 27001, NIST)
• Advanced skills in building detailed and actionable reports
• Proven project management abilities, ensuring projects are delivered on time and within budget
• Effective stakeholder management with strong communication and coordination skills in complex organizational environments
• Broad knowledge and overview of security architectures and security systems in IT and OT environments

Additional Information

• We offer to be part of a fast-growing international team that has significant scaling ambitions across multiple markets.
• Work-Life Balance: Trusted working hours, 30 days of vacation and home office options
• Further training: A comprehensive further training offer over an own training team as well as an own annual training budget
• Well-being: Health programs, a free fitness studio on our campus and regular employee events
• Comfort: Very good public transport connections and free parking spaces including charging facilities for e-mobility. A canteen with a varied selection of meals and discounts in our stores and at many partner companies

Please note that all job opportunities at METRO AG require that you live in / move to Germany and can be in office in Düsseldorf at least 2 times per week. We don't offer 100% remote opportunities.