Your tasks
As the ISMS Coordinator, you play a key role in establishing, certifying, and continuously improving the Information Security Management System (ISMS) at HOLON. You coordinate certifications, audits, and compliance activities, and work closely with the Cybersecurity team to ensure that information security is organizationally embedded and continuously enhanced.
- You initiate and drive HOLON’s ISO 27001 certification by defining roadmaps and milestones and preparing management reviews
- You are responsible for planning our Business Continuity Management (BCM) and Disaster Recovery (DR), aligning business criticality ratings with Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO), and coordinating emergency exercises
- You coordinate the implementation of measures by prioritizing controls from ISO/IEC 27002:2022 and ISO/IEC 27017, assigning control owners, and evaluating maturity and effectiveness using KPIs and KRIs
- You manage external audits and support ISO 27001 certifications as well as surveillance audits
- You plan and conduct internal audits and oversee them through to successful completion
- You act as the central point of contact for ISMS, BCM, DR, and data protection for customers and suppliers
- You serve as the interface to authorities in the event of security incidents: you define responsibilities and escalation paths, maintain access to the regulatory reporting portals, and coordinate deadline tracking and quality‑assured incident reports in close collaboration with the Cybersecurity, IT, and Cloud teams
- You design, implement, and evaluate the effectiveness of information security awareness and training programs
- You report regularly to Governance and actively contribute as a stakeholder and participant in the HOLON CISO Board
Your profile
- Degree in IT Security, Computer Science, Business Informatics, or a related field
- Several years of experience in technical cybersecurity roles, with solid expertise in core information security domains and strong understanding of modern cloud and application landscapes
- Proven experience implementing an ISMS according to ISO 27001, ideally in a scale‑up, cloud‑native start‑up, or SME
- Relevant certifications such as CISSP, CISM, ISO 27001 (Lead) Implementer, or ISO 27001 (Lead) Auditor
- Experience with NIS2 (applicability, organizational duties, reporting processes) and ideally with CRA (basic understanding of obligations, transition periods, and coordination with product areas) are a plus
- Additional technical certifications such as OSCP, CRTO, CPTS, AZ‑500, SC‑100, etc. are a plus
- Strong stakeholder communication skills from IT to top management
- Highly structured and independent working style
- Fluent in German (min. C1) and proficient in English (min. B2)