Senior Expert Group Security in the CISO office (m/f/d)

As a Senior Expert Group Security, you are part of CANCOM Group Security. Within the Group Security, you take on independently changing challenges in the areas “audit”, “Contract” and “operative Security”. Your tasks related to “Audit” include: Implementation of site-specific visits to analyze the preset conformity Interviews with department and location managers Reporting on audit findings and related measures documentation Keeping audit findings Establishing security checks along business processes Auditing of service providers and other external third parties along the supply chain Accompanying and active participation in auditing by customers, commissioned third parties or official bodies Support for IT-Risk and IT-BCM audits related to internal information security requirements Your tasks related to “Contract” include: Contract reviews related to all aspects of information security and risk & business continuity management based on relevant national and international standards and laws Accompanying and active participation in contract negotiations with customer and service providers with regard to the above-mentioned aspects Identification of requirements from customer contracts incl. Distribution to internal implementation managers Your tasks relating to “operative security” include: Analysis of maturity in selected customer or internal projects Establishing a contractual compliance with the security, risk and BCM requirements in selected projects to ensure that the operationally implementing unit knows and implements the contractual and regulatory requirements (internal & external) Definition and active control of measures (both technical and organisational) to close CAPs in a timely and holistic manner Accompanying CANCOM internal implementations with regard to information security, due to customer requirements

You have professional experience in information security, IT-risk management and IT-Business Continuity Management through a relevant completed study and/or multi-year (min. 5 years) You have profound experience and knowledge in the application of relevant standards and standards, such as ISO/IEC 27001, ISO/IEC 27005, ISO/IEC 31000, BSI Basic / BSI-C5, ISO 22301 You are puncturing through structured, analytical thinking and high self-responsibility You have a high level of communication paired with strength of conviction and enforcement You are looking forward to a varied activity with a maximum of 10% readiness

Flexible working hours and mobile office in coordination with the supervisor Discounts thanks to the “Corporate Benefits” portal Bike leasing Free drinks & fruit Further training Employee events