Information Security Manager

Job Title: Information Security Manager (In-House)

Company Overview:

Our client is a leading organization within the medical sector, operating through a group of specialized brands dedicated to providing high-quality services in the healthcare industry.

With a workforce of around 1,200 employees, this organization operates in a collaborative and dynamic environment, with offices across Duisburg (HQ), Düsseldorf, Essen, and Cologne. The offices are conveniently located near each other, enabling seamless coordination across teams.

Key Responsibilities:

1. ISO27001 Compliance: Ensure that the organization remains ISO27001 certified annually, managing the certification process and internal audits to guarantee full compliance with industry standards.
2. Risk Management Development: Develop and enhance risk management practices to improve the maturity of the organization’s security framework and address emerging threats effectively.
3. Operational Security Enhancement: Implement and oversee operational security measures to safeguard the company’s assets, data, and networks.
4. Technical Leadership and Collaboration: Work closely with the IT department to ensure that all security measures are technically sound and aligned with business needs. You will be expected to have a hands-on understanding of technical cybersecurity concepts to effectively communicate and enforce security policies.
5. Stakeholder Engagement: Collaborate with key business stakeholders, including the CIO, Head of IT Operations, and Board Executives to drive security initiatives and ensure alignment with broader organizational goals.
6. Policy and Governance: Lead the creation, review, and implementation of information security policies, procedures, and guidelines across the organization.

Key Requirements:

1. Technical Experience: 2-3 years in a technical background, ideally as a systems engineer or similar role, with a deep understanding of IT systems.
2. 3+ years of direct experience in information security, focusing on ISO27001, NIS2, and operational security.
3. ISO27001 & NIS2 Expertise: Proven experience in managing or supporting ISO27001 certification, as well as familiarity with NIS2 directives for cybersecurity.
4. Language Skills: Fluent in German is a must, as the role will require communication across teams in Germany.
5. Collaboration Skills: Strong interpersonal and relationship-building skills, with the ability to work effectively with IT teams and business leaders at all levels of the organization.
6. Travel: Willingness to travel between the company’s various offices (Duisburg, Düsseldorf, Essen, Cologne) as needed.

Compensation:

• Competitive salary of up to £100,000.

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Information Technology

Industries

Medical Practices and Computer and Network Security