Senior GRC & IT Operations Specialist

About T-Systems:

With around 28,000 employees worldwide and annual revenues of EUR 4.0 billion (2021), T-Systems is one of the leading providers of digital services. The Deutsche Telekom subsidiary is headquartered in Germany and has a presence in Europe as well as in selected core markets and strategic production locations. T-Systems can provide a global production and supply chain to companies operating worldwide.

T-Systems offers integrated end-to-end IT solutions, driving the digital transformation of companies in all industries and the public sector. Focus industries include automotive, manufacturing, logistics and transportation, as well as healthcare and the public sector. T-Systems develops vertical, company-specific software solutions for these sectors.

About the Role:

This hybrid individual contributor role combines Governance, Risk & Compliance (GRC) oversight with IT strategy and delivery for the local TDU (Technology Delivery Unit). Over time, this individual has potential to take over the lead role for TDU IT, while acting as a senior focal point for audit, data privacy, IT security, and health safety & environment related initiatives in alignment with global standards and local requirements.

Core Responsibilities:

GRC / Audit / Security / Health, Safety & Environment (50%)

Audit & Risk Management

• Lead and execute internal and external audits in compliance with ISO standards (e.g. ISO9001 and ISO20000), ensuring alignment with both central and local regulatory requirements
• Conduct risk assessments and self-assessments; manage corrective and preventive actions
• Prepare internal teams and business stakeholders for internal and external audits
• Localize and implement global Integrated Management System (IMS) and Quality Management System (QMS) policies
• Plan and execute additional audits or assessments as required, including data privacy and process compliance reviews

Information Security Management

• Manage internal audits in accordance with ISO standards (e.g. ISO27001), driving continuous improvement across IT security practices
• Conduct risk analyses and collaborate with cross-functional teams to mitigate identified risks
• Review and tailor Information Security Management System (ISMS) policies for local implementation
• Support Business Continuity Planning (BCP), Emergency Crisis Management (ECM), and related testing and documentation

Data Protection & Privacy

• Implement and oversee data privacy audits and inspections based on local laws (e.g. PDPA) and global frameworks (e.g. GDPR)
• Roll out updates to privacy policies and ensure third-party compliance (e.g. vendors, partners, and customers)
• Coordinate with central functions for reporting and implementation of mandated privacy initiatives

Workplace Health, Safety & Environment (HSE)

• Lead audits aligned to Environmental Management (e.g. ISO 14001) and Occupational Health & Safety (e.g. ISO 45001), including managing post-audit action plans
• Adapt and communicate central HSE policies for local implementation

TDU IT Management (50%)

• Manage the local TDU IT function, aligning strategic initiatives with the global IT roadmap
• Drive end-to-end IT project and program delivery - including solution design, deployment, and governance oversight
• Manage IT resources, budgeting, forecasting, and expenditure tracking
• Oversee IT asset lifecycle management, ensuring compliance with procurement, licensing, and cybersecurity standards
• Involved in digital transformation and local innovation initiatives, including the adoption of emerging technologies

Requirements

• Bachelor’s degree in Information Technology, Cybersecurity, or a related field
• 10–15 years of experience in GRC/audit and IT management roles in a multinational environment
• Strong knowledge of ISO standards (e.g. 9001, 20000, 27001, 14001/45001) and audit frameworks
• Familiar with data protection laws and policies (e.g. GDPR, PDPA)
• Hands-on experience in IT solution design, digital transformation, and project/program management
• Strong leadership, stakeholder engagement, and communication skills
• Experience working across countries and with centralised/global teams
• Certification preferred: PMP, ISO Auditor, or equivalent