We are looking for one of our locations throughout Germany as soon as possible :
Senior Security Consultant Information Security and Regulatory (m/f/d)

Your tasks

In this role, you will combine operational responsibility in information security management with consulting expertise in the area of regulatory and compliance-related requirements.
You will take on the function of Information Security Officer (ISM) for selected customers within managed service environments and actively participate in the secure design and management of IT services in the customer context. In doing so, you will coordinate technical, organizational and documentary security requirements in close cooperation with the customer, the service managers and external inspection bodies.
In addition, you will advise customers on the implementation of security-relevant standards and legal requirements, analyze existing security structures and provide holistic support for transformation and compliance projects.

• Implementation of tasks of the IT security officer of a service provider, i.e. responsibility for project-specific security concept developments, risk and protection needs assessments, development of catalogues of measures, tool evaluations and implementation planning
• Establishment, maintenance and further development of ISMS structures according to ISO 27001, BSI IT-Grundschutz, NIST CSF etc.
• Implementation of protection needs assessments, risk analyses, GAP assessments and action planning
• Support of internal and external audits (e.g. B. ISO, BSI, TISAX) as well as follow-up of findings
• Control of technical and organizational measures to ensure information security
• Creation and further development of guidelines, security concepts and reports
• Support in the assessment and handling of security incidents (incident management, CAPA)
• Preparation and participation in audits and security checks
• Definition, creation and review of reports on IT security
• Representing the interests and concerns of the customer internally in order to align customer expectations and service services in the context of information security
• Technical coordination and two-way communication of security services in the context of regular meetings and for the preparation and well-founded discussion of reports
• Responsibility for the provision of services within the framework of complex SLAs in the context of information security as well as technical provision of (managed) security services
• Collaboration in teams from all service delivery resources and external partners of Manage Now in the ongoing operational business to coordinate your own specialist topics
• Recognizing deviations from SLAs and initiating appropriate technical and regulatory measures
• Responsibility for improvement plans in the context of security service provision and information security, their regular review and further development
• Identify and assess service risks, contract risks, and critical escalations
• Proactively examine trends and common issues in the context of information security
• Establishment and compliance as well as optimization of the internal processes of the service provider including the IT governance processes in the context of information security
• Participation in the continuous improvement of service delivery standards in the context of information security
• Active support for the establishment of a portfolio of security consulting services in the area of GRC (governance/risk/comliance) such as security assessments, protection needs analyses, emergency plans and more
• Support of presales projects for security consulting services

Your profile

Why us?

Contact Information