Senior InfoSec Expert - ZEISS Security Engineer Program Office (f/m/x)

at  ZEISS Group

The Senior Security Expert- ZEISS Security Engineer Program Office is responsible for the coordination, facilitation, and organization of all activities within the ZEISS Security Engineer Program Office. He acts as the key contact person, around the organization of the Programs, defines, enables, and monitors rules and operational principles of the Programs, and ensure efficiency and effectiveness in the way of collaborating and working within the Programs. He support the coordination, and the creation of Security Engineer working groups and oversight the proper function as well as the deliverable out of the Program. He has the responsibility to document maintain and update important information or decisions around the Programs (including the SecEng directory, the training provider directory, annual follow-up of certifications, etc.).

Your tasks:

• Manage, plan, execute and (cost-) monitor the project portfolio optimizing the ZSE (ZEISS Security Engineer) program, its community and interested employees i.e., community concept, participant management & directory, InfoSec license extension
• Development of a reporting and governance structure to tactically monitor and oversee the ZSE project portfolio
• Conduction of onboarding for new and individual operative support of active ZSEs in order to provide an even more personalized learning plan and directly consider business
• Detailing and operationalizing general administrative topics into specific projects i.e., ZSE onboarding concept to optimize the ZSE program towards more efficiency and higher UX
• Identifying automation potentials and implementing needed quick automations via MS Power Automate or other quick RPA tools; i.e., automated mailings to program office, HR, etc.
• Critically challenge the ZSE program to continuously improve the processes for administration, academy and community
• Consistent and KPI-backed communication towards ZSEs incl. development of communication plans and guidelines to proactively support the change management processes i.e, tool implementations
• Management and facilitation of the community structure to strengthen knowledge exchange, team building between InfoSec groups and include ZEISS business needs
• Assessment, selection and management of 3rd parties (i.e., CHR, SMEs/BSEs, etc.) for the organization and conduction of internal team building events, award ceremonies and conferences for a strong ZSE community (i.e., secure coding events, hackathons, etc.)
• Continuously evaluate trends and domains on Information Security including their necessity and (business) impact on ZEISS and the ZSE program (i.e, AI, ransomware, social engineering, NIS2 etc.) to always preserve the recency of information security at ZEISS
• Leading and managing projects to optimize the InfoSec educational programs to increase quality and recency of contents i.e, Information Security fundamentals, domain specific knowledge

Your Profile:

• 5+ years of experience in solution development and operation, including in positions such as Agile Coach, product Owner, or Project manager
• Strong experience in secure digital solution design or development /engineering (SW and HW) in large organization
• Strong Secure DevOps development practices, and experience in secure CI/CD pipelines.
• Strong expertise in Community management as well as stakeholder expectations and experiences management
• Understanding of staff education, e-learning, knowledge management
• Excellent written and oral/digital communication skills with multiple levels of leadership involving both business and technical sides of the business
• Demonstrated passion for understanding ambiguous, complex problems and driving high-quality, innovative, and robust solutions.
• General Information Security proficiency
• Technical leadership mindset, proactive and result oriented.
• Solid knowledge of industry Security standards and technology such as ISO27002, etc.
• Ability to work under pressure and make sustainable decisions in time-critical situations
• Proactive attitude and high degree of independence
• Business fluent knowledge of English and German, further languages are of advantage
• Experience in leading initiatives, activities or communities leveraging global teams with matrix resources

Your ZEISS Recruiting Team:
Stefan Schmi

• Manage, plan, execute and (cost-) monitor the project portfolio optimizing the ZSE (ZEISS Security Engineer) program, its community and interested employees i.e., community concept, participant management & directory, InfoSec license extension
• Development of a reporting and governance structure to tactically monitor and oversee the ZSE project portfolio
• Conduction of onboarding for new and individual operative support of active ZSEs in order to provide an even more personalized learning plan and directly consider business
• Detailing and operationalizing general administrative topics into specific projects i.e., ZSE onboarding concept to optimize the ZSE program towards more efficiency and higher UX
• Identifying automation potentials and implementing needed quick automations via MS Power Automate or other quick RPA tools; i.e., automated mailings to program office, HR, etc.
• Critically challenge the ZSE program to continuously improve the processes for administration, academy and community
• Consistent and KPI-backed communication towards ZSEs incl. development of communication plans and guidelines to proactively support the change management processes i.e, tool implementations
• Management and facilitation of the community structure to strengthen knowledge exchange, team building between InfoSec groups and include ZEISS business needs
• Assessment, selection and management of 3rd parties (i.e., CHR, SMEs/BSEs, etc.) for the organization and conduction of internal team building events, award ceremonies and conferences for a strong ZSE community (i.e., secure coding events, hackathons, etc.)
• Continuously evaluate trends and domains on Information Security including their necessity and (business) impact on ZEISS and the ZSE program (i.e, AI, ransomware, social engineering, NIS2 etc.) to always preserve the recency of information security at ZEISS
• Leading and managing projects to optimize the InfoSec educational programs to increase quality and recency of contents i.e, Information Security fundamentals, domain specific knowledg