IT Security Consultant

Explore a world of opportunities with us. Look ahead with us and help shape innovative solutions to make our world more sustainable and life healthier, more vibrant and more comfortable. At Evonik, you have the chance to explore, thrive, and grow alongside 33,000 colleagues.

Among attractive career paths and high-quality development programs, we not only offer performance‑based remuneration and occupational health benefits but also hybrid and flexible working environments with #SmartWork.

Find out more about the many benefits we offer:

https://careers.evonik.com/en/why

Bring your fresh perspective, develop your strengths, break out your mold, and find a career that fits your dreams with us.

Click on the link below to learn what our employees have to say about Evonik:

https://careers.evonik.com/en/about/meet-the-team/

• Consulting on current trends in the methodological and technical assessment of IT security requirements
• Regular analysis of the threat landscape in the IT security environment and review of regulatory requirements and methodologies with regard to information security (e.g., KRITIS, ISO 27001, ISO 27005)
• Responsibility for continuous monitoring of the IT security level, assessment of threat potentials and residual risks, and development of corresponding recommendations for action
• Responsibility for the introduction, implementation, and continuous development of a methodology to ensure IT security requirements
• Participation in the development of new solutions in the IT security environment and conducting security assessments for new or existing security solutions
• Consulting and support for IT product groups and other Evonik units on information security matters, as well as guidance and consulting for IT projects in this context
• Responsibility for regular knowledge exchange with stakeholders such as Product Owners, Domain Architects, IP Protection, and OT Security
• Support of M&A projects during the due diligence phase to assess the security level of the seller’s IT environment and development of measures for temporary protection until integration into the Evonik standard
• Guidance and consulting for IT M&A projects until the completion of the transition regarding information security
• Contribution to the creation and updating of IT group standards and active participation in IT committees

• Successfully completed (technical) university degree in IT security, computer science, economics, engineering, or natural sciences, or a comparable commercial/technical education in the IT field with relevant professional experience
• Several years of professional experience in the field of information security and proven experience with concepts, protocols, strategies, and best practices in information security
• Experience in conducting risk analyses including consideration of business impact, assessment of vulnerabilities, effectiveness of measures, and development of strategies for effective risk reduction
• Strong understanding of the impact of IT security tools/technologies and regulations on business processes, and familiarity with common information security management frameworks such as (ISO) 2700x or the NIST Cyber Security Framework
• Certification in IT security such as CISM, CRISC, ISO 27001 Lead Auditor, or CISSP
• Fluent English speaking, both written and spoken; German is an advantage
• Ability and willingness to interact with Evonik personnel and build a network, as well as a high level of initiative, assertiveness, cooperation skills, and team spirit
• Willingness to travel occasionally (nationally and internationally)
• Shift working is required for this position

To ensure that your application is proceeded as quickly as possible and to protect the environment, please apply online via ourcareerportal. Further information about Evonik as Employer can be found at https://careers.evonik.com.

Please address your application to the Talent Acquisition Manager, stating your earliest possible starting date and your salary expectations.

Be careful – Don’t provide your bank or credit card details when applying for jobs. Don’t transfer any money or complete suspicious online surveys. If you see something suspicious, report this job ad.