Information Security Manager (m/f/x) - Jobbird.com

Information Security Manager (m/f/x) at Jobbird.com.

The Information Security Manager is a member of the InfoSec Certifications and Governance team (CIT-IC) within Corporate Information Security (CIT-I) at Carl Zeiss AG and reports directly to the Head of Information Security Certifications and Governance. The team is responsible for developing, implementing, and maintaining the ZEISS Information Security Program, aligned with international frameworks and standards, and considers requirements from all business functions and regulatory requirements. Responsibilities include governance, risk and compliance management, information security audit management, and ISMS operation. The Information Security Manager is responsible for further development and operation of the ZEISS Information Security Program in areas such as the ZEISS Information Security Management System Process, the ZEISS Policy Framework and Information Security in Supplier Relationships.

• Defines, develops and reviews information security policies, procedures, guidelines, forms and templates with related Subject Matter Experts.
• Recommends and develops measures to ensure compliance with ISO 27001 and other applicable information security requirements and frameworks.
• Improves the Information Security Risk Management process and executes Information Security Risk Assessments and Analyses to ensure appropriate measures are taken to treat identified risks.
• Further develops and implements Information Security Auditing across ZEISS entities and locations with Regional and Business Information Security Officers.
• Supports communication of all matters relating to the ZEISS Information Security Program across all Businesses and Regions.
• Drives further development of the ZEISS GRC tool.

• University degree in Information Security, Cybersecurity, Computer Science, or a related field—or equivalent combination of education and substantial hands-on experience.
• Minimum of 7 years of progressive experience in Information Security or related areas (e.g., ISMS, GRC, ISO 27001, auditing).
• Deep expertise in designing, implementing, operating, and maintaining ISO/IEC 27001-compliant ISMS, including recertifications in multinational environments.
• Proven track record in delivering strategic security initiatives aligned with global business and regulatory requirements.
• Strong analytical and problem-solving skills with the ability to navigate complex security challenges.
• Experience in managing Information Security KPIs, governance frameworks, and executive-level reporting.
• Solid understanding of compliance across international legal and regulatory landscapes (e.g., GDPR, NIS2, SOX).
• Excellent communication and leadership skills, with the ability to influence stakeholders across technical, business, and executive levels.

Note: The ZEISS Recruiting Team is listed below.

• Elhan Kolic

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Information Technology
• Industries: Software Development

Information Security Manager (m/f/x) – Jobbird.com