Local Information Security Officer

Your Role:

• Aligns the information security objectives with the objectives at the site.
• prepares the information security guideline and coordinates it with the site management.
• ensures that the agreed guideline on information security is communicated to all site employees.
• is responsible for the establishment, operation and further development of the information security organization within the site.
• Draws up and updates the site's information security concept and also adapts it to new legal requirements.
• draws up and issues guidelines and regulations relating to information security.
• advises the site management on all information security issues.
• reports relevant incidents concerning information security to the management level or to the units defined within the framework of the federal information security management.
• Reports regularly to site management on the current status of information security at the site.
• Ensures the necessary flow of information for information security management (e.g., through reporting, documentation).
• Ensures that information security measures, including access regulations, are documented in an up-to-date, meaningful and comprehensible manner.
• initiates and monitors the implementation of information security measures.
• Coordinates target group-oriented awareness and training measures on the subject of information security.
• Plans and conceptualizes emergency preparedness and prepares an emergency manual for dealing with emergencies (or works closely with the emergency officer if such a role is filled at the institution).
• Involves all site staff in the information security process and emergency preparedness.
• Takes the lead in analyzing and following up on information security incidents.
• Cooperates with other officers in the field of (information) security (e.g., data protection officer, security specialist, confidentiality officer).
• regularly attends advanced training courses on information security. Regular participation in relevant training courses is mandatory.

Your Background:

• Advantageous university degree in the technical or IT field
• Experience in audits, IT, project management, process management, BSI basic regulation, GDPR
• Knowledge of ISO 27001 and ISO 19011 for internal audits
• Very good communication skills in the local language as well as good English skills, high personal responsibility and a team-oriented and flexible way of working
• Advantageous certificate as information security officer