Information Security Officer (f/m/d)

at  HENSOLDT

Company
HENSOLDT Sensors GmbH
Full time / Part time:
The position can be filled in full or part time.
Summary
We are looking for an “Information Security Officer (f/m/d)” for the “Information Security” department in Ulm, Immenstaad, Oberkochen and Taufkirchen as soon as possible.
The “Information Security” department plans and designs solutions to protect HENSOLDT from cyber attacks in the long term. The department is also responsible for maintaining and developing the Information Security Management System (ISMS) and is the central point of contact for all questions relating to information security. It carries out company-wide awareness measures on the topic of cyber security and advises the specialist departments with regard to the special features relevant to cyber security.

Your Tasks

• Conduct comprehensive IT and information security risk assessments to identify potential vulnerabilities and threats.
• Contribute to develop and maintain risk management frameworks, guidelines, and standard operating procedures in alignment with industry best practices and regulatory requirements.
• Monitor and follow-up on risk mitigation efforts, ensuring they are within the defined risk appetite and that systemic risks are reduced to acceptable levels.
• Provide guidance and support to HENSOLDT entities in implementing effective IT/OT and cyber risk management practices.
• Prepare and deliver risk-related reports and updates to senior leadership and HENSOLDT Boards.
• Continuous improvement of the information security management system (ISMS) and cooperation in certifications (ISO 27001, CMMC, BSI-Grundschutz)
• Participation in company-wide business continuity management as IT service continuity manager and in disaster recovery

Your Profile

• Bachelor’s degree or similar qualification in information security, Cybersecurity, Computer Science, or a related field. Master’s degree is a plus.
• Several years of professional experience in IT security or information security as well as knowledge of the current legal requirements and standards of cyber security
• More than 4 years of experience in IT Risk Management, Information Security or a related field is required.
• Professional experience in the Defense industry is desirable.
• Familiarity with critical infrastructure regulations is desirable
• Risk Assessment: Proven ability to conduct risk assessments, demonstrating understanding of potential vulnerabilities and threats
• Risk Management Frameworks: Track record of supporting the development of risk management frameworks, guidelines and procedures.
• International Cybersecurity Standards: Familiarity with ISO 27001, understanding its application in risk management processes.
• Implementation Support: Demonstrated experience providing guidance and support for effective implementation of risk management practices.
• Reporting: Proficient in preparing and delivering risk-related reports catered to senior leadership.

Happy to hear

• Work on extraordinary high-tech products at the limits of physics
• Fair, performance-related remuneration, plus special payments
• Flexible working time and workplace models
• Company pension scheme
• Individual development and training opportunities
• Family-friendly working conditions and meal & snack options
• Health promotion and mobility offers

Discover more about our benefits "

• Conduct comprehensive IT and information security risk assessments to identify potential vulnerabilities and threats.
• Contribute to develop and maintain risk management frameworks, guidelines, and standard operating procedures in alignment with industry best practices and regulatory requirements.
• Monitor and follow-up on risk mitigation efforts, ensuring they are within the defined risk appetite and that systemic risks are reduced to acceptable levels.
• Provide guidance and support to HENSOLDT entities in implementing effective IT/OT and cyber risk management practices.
• Prepare and deliver risk-related reports and updates to senior leadership and HENSOLDT Boards.
• Continuous improvement of the information security management system (ISMS) and cooperation in certifications (ISO 27001, CMMC, BSI-Grundschutz)
• Participation in company-wide business continuity management as IT service continuity manager and in disaster recover