Information Security Manager (m/f/x)

Join to apply for the Information Security Manager (m/f/x) role at ZEISS Group

2 days ago Be among the first 25 applicants

Your role

Corporate Information Technology (CIT) at the Carl Zeiss Group is a central part of the company’s strategy, developing and implementing innovative IT solutions to enhance efficiency and competitiveness. By working closely with various departments, CIT ensures that technological advancements and digital transformations are seamlessly integrated into business processes.

• Defines, develops, and reviews information security policies, procedures, guidelines, forms, and templates together with the related Subject Matter Experts.
• Recommends and develops measures to ensure compliance with ISO 27001 as well as other applicable information security requirements and frameworks.
• Improves the Information Security Risk Management process and executes Information Security Risk Assessments and Analysis to ensure appropriate measures are taken to address identified risks.
• Further develops and implements Information Security Auditing across all ZEISS legal entities and locations in collaboration with Regional and Business Information Security Officers.
• Supports communication of all matters related to the ZEISS Information Security Program across all Businesses and Regions.
• Drives further development of the ZEISS GRC tool.

The Information Security Manager is a member of the InfoSec Certifications and Governance team (CIT-IC) within Corporate Information Security (CIT-I) at Carl Zeiss AG and reports directly to the Head of Information Security Certifications and Governance. The team is responsible for developing, implementing, and maintaining the ZEISS Information Security Program, aligned with international standards and regulatory requirements. Responsibilities include Governance, Risk and Compliance Management, Security Audit Management, and ISMS operation. The Manager is tasked with the ongoing development and operation of the Information Security Program, including the ISMS Process, Policy Framework, and Security in Supplier Relationships.

Your profile

• University degree in Information Security, Cybersecurity, Computer Science, or a related field, or equivalent experience.
• Minimum of 7 years of experience in Information Security or related areas (e.g., ISMS, GRC, ISO 27001, auditing).
• Deep expertise in designing, implementing, and maintaining ISO/IEC 27001-compliant ISMS, including re-certifications in multinational environments.
• Proven track record in delivering strategic security initiatives aligned with global business and regulatory requirements.
• Strong analytical and problem-solving skills.
• Experience managing Security KPIs, governance frameworks, and executive reporting.
• Solid understanding of compliance with international legal and regulatory standards (e.g., GDPR, NIS2, SOX).
• Excellent communication and leadership skills, capable of influencing stakeholders at all levels.

Your ZEISS Recruiting Team

Elhan Kolic

• Mid-Senior level

• Full-time

• Other, Information Technology, and Management

• Appliances, Electrical, and Electronics Manufacturing

Referrals increase your chances of interviewing at ZEISS Group by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.