Information Security Governance and Assurance Manager
Location
Bad Homburg vor der Höhe | Germany
Job description
As an Information Security Governance and Assurance Manager, you will be at the forefront of establishing robust cyber security controls, assessing their effectiveness and proposing improvements. Your responsibilities will include identifying control gaps, documenting risk mitigation strategies and supporting their monitoring. Working closely with the Group Cybersecurity Office, the successful candidate will assist in building a robust governance framework, monitor compliance and drive continuous improvement initiatives.
Your assignments
- Coordinate and oversee regular compliance assessments, audits (internal and external) and reviews to assess the effectiveness of security controls and identify areas for improvement
- Support the development of security policies, standards, and procedures to ensure they address emerging threats, comply with regulations, and align with the organization's risk appetite
- Develop KPI data to identify trends, areas for improvement, and opportunities to enhance the organization's security posture and to ensure that organization-wide policies and procedures achieve objectives
- Support projects in the deployment of cybersecurity measures, alongside monitoring and assessing their effectiveness, and suggesting enhancements where necessary
- Supervise penetration tests and vulnerability mitigation, and expansion of the penetration testing Program
- Assist in conducting cyber security risk assessments Identify cyber security risks arising from the combination of vulnerabilities and threats to the security of an organization's information systems and data, ensure the accurate identification and assessment of risks in line with our security framework and oversee the remediation of identified risks
- Assist in identifying and reviewing control deficiencies, providing recommendations for management action plans aligned with the company's risk and compliance frameworks
- Review and challenge projects, new initiatives, business objectives, processes, risk events, incidents, controls, and monitoring within the organization
- Collaborate with cross-functional teams to ensure that information security requirements are integrated into business processes, IT systems and products
- Serve as a subject matter expert on information security governance and compliance issues, providing guidance and training to staff as needed
Your profile
- Bachelor's degree in Cybersecurity, Information Systems, or a related field
- Profound understanding of IT security principles, including network and endpoint security, penetration testing, application security, access management and cloud security concepts
- Minimum of 5 years of experience in external audit, preferably with a focus on cybersecurity
- Strong knowledge of cybersecurity controls, regulations, and compliance frameworks
- Familiarity with industry standards such as NIST CSF, ISO 27001, or COBIT
- Experience in implementing and monitoring cybersecurity controls
- Strong analytical and problem-solving abilities
- Effective communication and stakeholder management skills
- Experience in reviewing and challenging projects and initiatives
- Professional certifications such as CISA, CISM, or CRISC are preferred
We are looking for talented individuals to join our team and help us achieve our mission of being better through digitalization. As a team member, you will have the chance to work with like-minded professionals from around the world, all with the shared purpose of positively impacting Fresenius Kabi and our patients. The ideal candidate should possess hands-on experience in efficiently planning and executing security initiatives. You enjoy dealing with ambiguity and want to help build new capabilities. You are curious and able to build relationships to create strong trust between different stakeholders. You should also be naturally authentic and have a proven ability to achieve ambitious goals.
We value diversity and inclusivity and strive to create a culture that is welcoming to all. We offer competitive salaries and benefits packages, including flexible work arrangements.
If you are a seasoned professional with a passion for fortifying digital landscapes and possess the strategic acumen to lead impactful security initiatives, we invite you to be a driving force in our journey towards a secure and resilient future.
#J-18808-Ljbffr
Job tags
Salary
