Senior Security Risk Manager (all genders)

Nur für registrierte Mitglieder
Berlin
EUR 60.000 - 100.000
Jobbeschreibung

As a Senior Security Risk Manager in the Information Security - Security Risk & Governance Team, you will be at the forefront of safeguarding trust for our customers, stakeholders, and employees. By expertly identifying, assessing, and managing security risks, you will directly influence the security posture of our internal applications and third-party relationships, becoming the go-to expert and a key architect of our evolving Security Risk Management process.

INCLUSIVE BY DESIGN

At Zalando, our vision is to be the leading pan-European ecosystem for fashion and lifestyle e-commerce - one that is inclusive by design. We only assess candidates based on qualifications, merit, and business needs. We welcome applications from people of all gender identities, sexual orientations, personal expressions, racial identities, ethnicities, religious beliefs, and disability statuses. We only want to know why you’re great for this role, so please avoid including your picture, age, and marital status in your CV as well.

We want to provide you with a great candidate experience. Please feel free to inform us of any accommodations you may need, so we can best support and assist you throughout the hiring process.

WHAT WE’D LOVE YOU TO DO (AND LOVE DOING)

  1. Manage Security Compliance: Implement, maintain, and continuously improve the information security compliance framework.
  2. Ensure Regulatory Adherence: Monitor, enforce, and advise on compliance with DORA, GDPR, PCI-DSS, SOC2, NIST CSF, and other relevant regulations.
  3. Develop Security Governance: Contribute to the creation, review, and upkeep of information security policies, procedures, and controls.
  4. Drive Risk Management: Design, implement, and maintain the information security risk management framework for projects, systems, and processes.
  5. Measure Risk Management Effectiveness: Develop KPIs to track the effectiveness of risk management efforts.
  6. Report to Leadership: Prepare and present regular reports on security risks, compliance, and improvements.

You have 6+ years of experience working in Security Governance, Risk and Compliance functions.

You demonstrate strong communication skills and good interpersonal skills. You can communicate security risk-related concepts to technical and nontechnical audiences.

You have experience in interpreting and implementing security and privacy regulations and frameworks (e.g., NIST CSF, GDPR, ISO 2700x, SOC 2, PCI DSS, NIS2, CRA) into actionable security operational requirements.

You have a familiarity with the Secure Control Framework (SCF).

You have exceptional attention to detail, strong program/project management skills, analytical proficiency, and experience in operationalizing and developing scalable security processes in complex environments.

You have security certifications (e.g. CISSP, CRISC, CISM, ISO 27001 Lead Auditor/Implementer) as a plus.

OUR OFFER

Zalando provides a range of benefits, here’s an overview of what you can expect. Ask your Talent Acquisition Partner to learn more about what we offer.

  • Employee shares program
  • 40% off fashion and beauty products sold and shipped by Zalando, 30% off Lounge by Zalando, discounts from external partners
  • 2 paid volunteering days a year
  • Hybrid working model with up to 60% remote per week, actual practice is up to each team to best support their collaboration
  • Work from abroad for up to 30 working days a year
  • 27 days of vacation a year to start for full-time employees
  • Relocation assistance available (subject to prior agreement)
  • Family services, including counseling and support
  • Health and wellbeing options (including Wellhub)
  • Mental health support and coaching available
  • Drive your development through our training platform and biannual peer-to-peer review

Please note that all applications from this job page must be completed using the online form - we do not accept applications via e-mail. Once reviewed, our recruiters will contact applicants via an official Zalando email address (@zalando.de).

In some cases we also work with a selection of headhunters and agencies to fill specific roles. Please note that neither Zalando nor our recruiting partners will ask for any kind of payment to apply for a job or attend an interview.

If you have any questions about our recruitment process, please take a look at our FAQ page.

Folge uns
JobLeads Youtube ProfileJobLeads Linkedin ProfileJobLeads Instagram ProfileJobLeads Facebook ProfileJobLeads Twitter AccountJobLeads Xing Profile
Unternehmen
Services
Kostenlose Ressourcen
Support

© JobLeads 2007 - 2025 | Alle Rechte vorbehalten