Information Security Officer (m/f/d)

IDEALworks GmbH

München

Hybrid

EUR 70.000 - 90.000

Full-time

Today

Summary

A tech-focused company in Germany is seeking a Governance and Compliance Specialist to manage ISO 27001 and TISAX certifications. Responsibilities include leading security incident responses, managing compliance documentation, and identifying security risks. Candidates should have a Bachelor's degree in IT, extensive experience in information security, and strong analytical and communication skills. The role offers a hybrid working model with competitive benefits, located in Munich.

Benefits

30 vacation days
Bonus scheme
Company pension scheme
Team events

Qualifications

  • 4 – 6 years of experience in information security, compliance, or IT governance.
  • Hands-on experience with ISO 27001 implementation and audits.
  • Strong understanding of risk management and threat modelling.
  • Experience with penetration testing tools and methodologies.

Responsibilities

  • Implement and maintain ISO 27001 and TISAX certifications.
  • Lead security incident response and ensure proper documentation.
  • Identify, assess, prioritize, and track security risks.
  • Plan and coordinate penetration testing and vulnerability assessments.

Skills

ISO 27001
TISAX
Risk management
Threat modelling
Vulnerability management
Penetration testing
Analytical skills
Problem-solving
Communication skills

Education

Bachelor's degree in Information Technology or Computer Science
Job description
The Role: What to expect
Role Requirements: What you need to succeed
  • Bachelor’s degree in Information Technology, Computer Science, or a related field.
  • 4 – 6 years work experience in information security, compliance, or IT governance.
  • Hands‑on experience with ISO 27001 implementation and audits.
  • Ideally, you have experience in TISAX requirements and automotive security standards.
  • Strong understanding of risk management, threat modelling, and vulnerability management.
  • Experience with penetration testing tools and methodologies.
  • Knowledge of infrastructure hardening and application security best practices.
  • Deep understanding of regulatory frameworks and audit processes.
  • Experience maintaining compliance documentation and evidence.
  • Excellent problem‑solving and analytical skills.
  • Strong verbal and written communication skills in English, German is a plus.
  • Ability to work in a highly agile, fast‑paced environment.
Why idealworks
  • At idealworks, you will find an international working environment and become part of an experienced, open team where mutual trust counts. You will feel at home from the very first second!
  • Experience a first‑hand start‑up feeling and flat hierarchies with varied and responsible tasks that you work on independently.
  • Look forward to a hybrid working model with 30 vacation days per year and various opportunities to balance your free time, family and job.
  • For your commitment to helping us achieve our mission, you will not only be rewarded with appreciation, but also with above‑average pay including a bonus scheme and an annual personal development budget.
  • We offer exciting corporate benefits, an attractive company pension scheme and regular team events.
  • Our modern office is easily accessible by public transport, bike and car and offers numerous catering options for relaxed lunch breaks with your team.
  • Driven by our unique corporate culture, the five values “passion for results”, “wellbeing”, “personal growth”, “trust” and “being and acting as one team” determine our daily actions and cooperation.
Role Responsibilities: What you will do
Governance & Compliance
  • Implement and maintain ISO 27001 and TISAX certifications.
  • Own all compliance‑related activities, including but not limited to:
    • Internal and external audit preparation and coordination.
    • Maintaining the Statement of Applicability (SoA) and evidence for controls.
    • Ensuring adherence to regulatory and contractual security requirements.
  • Develop and maintain compliance documentation, policies, and procedures.
Incident & Continuity Management
  • Lead security incident response and ensure proper documentation.
  • Conduct root cause analysis and follow‑up on corrective actions.
  • Own the end‑to‑end BCP process, including but not limited to:
    • Maintain BCP documentation and ensure readiness through periodic BCP drills and readiness assessments.
    • Launch BCP in case of major incidents or disruptions.
    • Coordinate communication with stakeholders during BCP activation.
Risk Management
  • Identify, assess, prioritize, and track security risks.
  • Monitor timely execution of mitigation plans.
  • Perform and review threat modelling for critical systems and processes.
Security Operations
  • Oversee data classification and define retention periods.
  • Support infrastructure hardening and application security initiatives.
  • Maintain and enhance the security playbook AI model for incident response.
Testing & Assurance
  • Plan and coordinate penetration testing and vulnerability assessments.
  • Prioritize and follow up on mitigation of PEN test findings.
Customer & Stakeholder Support
  • Act as a security and compliance subject matter expert for customer‑facing teams.
  • Respond to security questionnaires and RFPs.