
IT Security Manager (m/f/d)

EMD

Gernsheim

On-site

EUR 70.000 - 90.000

Full-time

Today

Summary

A technology-driven industrial firm in Hessen is seeking an experienced Information Security Manager to manage and enhance its IT security architecture. This role involves overseeing penetration tests, developing governance policies, and advising executive management on security issues. The ideal candidate will have 5+ years in technical security roles and strong knowledge of cloud and infrastructure security, along with excellent communication skills in both English and German.

Qualifications

  • Minimum of 5 years of experience in technical IT security roles.
  • Experience implementing regulatory requirements like NIS2 or ISO 27001.
  • Fluent in English and German.

Responsibilities

  • Develop and maintain security architecture for IT environments.
  • Establish governance frameworks and security policies.
  • Oversee penetration tests and operate security operations.
  • Coordinate with partners to improve security strategies.
  • Manage external cybersecurity service providers.
  • Advise executive management on security-related risks.
  • Build a security awareness program.

Skills

Infrastructure security
Cloud security
OT/ICS security
IAM
Zero Trust concepts
Strong communication skills
Hands-on mentality
Strategic thinking

Education

Degree in Computer Science, IT Security, or a comparable field

Tools

CISSP
OSCP
CISM
GIAC

Job description

Overview

Your Role: As Information Security Manager (m/f/d), you will take on strategic and operational responsibility for information security in a technology-driven industrial environment. You will develop and be responsible for the company’s technical IT security architecture – especially for traditional applications, cloud-native applications, and OT/IoT environments. In doing so, you will integrate security-by-design principles into our architectural decisions and development processes.

A key part of your role is the establishment of an appropriate governance framework and the definition of policies. Whilst this framework is very important, you will have a clear focus on the technical implementation and effectiveness of measures. You will oversee regular penetration tests or red team exercises and be responsible for operating our security operations. In close coordination with IT operations, OT, and external partners, you will develop security strategies, ensure functional incident response processes, and continuously improve our IT security architecture.

A particular focus of your role is the management and evaluation of external providers and service providers in the field of cyber security. You will manage clear requirements, monitor compliance, and ensure continuous improvement of security standards along the entire process chain.

Additionally, you will advise the executive management on security-related issues, assess technological risks, and develop measures to mitigate them. You will build a company-wide security awareness program and ensure that information security is understood and lived as an integral part of our innovation and sustainability strategy.

Responsibilities

  • Develop and maintain the company’s technical IT security architecture for traditional, cloud-native, and OT/IoT environments with security-by-design principles.
  • Establish governance frameworks and define security policies; focus on technical implementation and effectiveness of measures.
  • Oversee penetration testing, red team exercises, and operate security operations.
  • Coordinate with IT operations, OT, and external partners to develop security strategies and incident response processes.
  • Manage external providers and service providers in cybersecurity; define requirements and monitor compliance.
  • Advise executive management on security-related issues and develop risk mitigation measures.
  • Build and drive a company-wide security awareness program integrated with innovation and sustainability goals.

Qualifications

  • Degree in Computer Science, IT Security, or a comparable field
  • Minimum of 5 years of experience in technical IT security roles (e.g., Security Architect, Head of Operational Security, SOC Lead, DevSecOps Engineer, or similar)
  • Solid knowledge in infrastructure security, cloud security (Azure, AWS, GCP), OT/ICS security, IAM, and Zero Trust concepts
  • Certifications such as CISSP, OSCP, CISM, GIAC are a plus
  • Experience with implementing and technically executing regulatory requirements (e.g., NIS2, ISO 27001)
  • Strong communication skills at both C-level and operational level
  • Hands-on mentality, pragmatism, and strategic thinking
  • Fluent in English and German