Job
- Level
- Experienced
- Job Field
- IT, Security
- Employment Type
- Full Time
- Contract Type
- Permanent employment
- Location
- Hanover
- Working Model
- Hybrid, Onsite
Job Summary
In this role, you will enhance our ISMS, translate regulatory requirements into security processes, coordinate risk analyses, and work closely with IT and data protection.
Job Technologies
Your role in the team
- You further develop our Information Security Management System (ISMS), maintain it in operation, and continuously improve it — practically, effectively, and audit-ready.
- You translate regulatory requirements from NIS2 and comparable directives into security processes, standards, and controls in a structured team effort—and ensure that necessary changes are incorporated into the ISMS at an early stage.
- You develop and maintain security policies, guidelines, processes, and documentation in a way that they are understandable, up-to-date, and practically applicable.
- You coordinate risk analyses, protection requirement assessments, vulnerability evaluations, and as-is/to-be comparisons, and derive appropriate measures together with the specialist departments.
- As the primary contact person, you work closely with IT, Data Protection, Compliance, and external partners, helping to establish clear roles and governance structures, and accompany internal and external audits from preparation to follow-up.
- You assist with regulatory documentation, reporting and communication processes, as well as handling security incidents — and translate lessons learned into sustainable improvements.
- You build meaningful reporting with key figures, status overviews, and maturity assessments to ensure that management and specialist departments always have transparency regarding risks, measures, and progress.
This text has been machine translated. Show original
Our expectations of you
Education
- Completed degree in Computer Science, Business Informatics, IT Security, or a comparable qualification; alternatively, several years of relevant professional experience in the field of information security / ISMS.
Qualifications
- Good knowledge of risk management, audit preparation, policy work, documentation, and compliance-oriented management of security requirements.
- Secure understanding of IT and business processes as well as collaboration with various stakeholders in the departments, IT, and management.
- Certifications in the field of information security are desirable, such as ISO/IEC 27001 Lead Implementer / Lead Auditor, BSI IT-Grundschutz, or comparable qualifications.
- You work in a structured, analytical, and reliable manner, prepare information appropriately for the target audience, and possess a high level of responsibility and assertiveness.
Experience
- Practical experience in the development, operation, or enhancement of an ISMS, ideally according to ISO/IEC 27001.
This text has been machine translated. Show original
What we offer
- We offer you 30 days of vacation, a 13th salary, and the opportunity for company pension schemes through salary conversion.
- You have flexible working hours and a family-like and collegial team with an open and transparent corporate culture.
- As part of the MADSACK Media Group, one of Germany's largest media conglomerates, we offer a secure job position.
- Your individual further education and training is ensured through the comprehensive qualification program offered by MADSACK Medien Campus, including seminars, workshops, and e-learning.
- With us, you can stay fit – for example, through JobRad, Hansefit, or the annual flu vaccination.
- You can obtain a discounted public transport ticket through us.
- In addition to a company pension scheme through salary conversion, you will receive a discounted subscription to our media brands and can place advertisements for free.
This text has been machine translated. Show original
Benefits
Work-Life-Integration
Health, Fitness & Fun
Topics that you deal with on the job
Job Locations
This is your employer
Gutenberg Rechenzentrum Gmbh & Co. Kg
Das Gutenberg Rechenzentrum betreut als Softwarehersteller und Beratungshaus Kunden aus dem Bereich der Zeitungsverlage. Unser Leistungsangebot reicht von der Konzeption, Entwicklung und Betreuung hoch integrierter Branchensoftware bis hin zur Beratung von SAP-Standardmodulen.
Description
- Company Type
- Established Company
- Working Model
- Hybrid, Onsite
- Industry
- Consulting, Internet, IT, Telecommunication
Information Security Specialist (ISMS)
- Location
- Hanover
- Working Model
- Hybrid, Onsite
- Diversity
- Open for all genders
