Job
- Level
- Experienced
- Job Field
- IT, Security
- Employment Type
- Full Time
- Contract Type
- Permanent employment
- Location
- Rostock
- Working Model
- Hybrid, Onsite
Job Summary
In this role, you will enhance the Information Security Management System, support the ISO 27001 certification, and advise on information security risks and measures in software development and IT.
Job Technologies
Your role in the team
- You assume the role of the Information Security Officer and specifically develop the existing Information Security Management System (ISMS).
- You oversee our ongoing ISO 27001 certification, manage the necessary measures, and ensure that the requirements of the standard are permanently embedded in the company.
- You advise management and specialist departments on risks and measures related to information security and translate requirements into concrete actions for development, Managed IT Services, and Business Applications.
- You maintain and refine existing policies, processes, and security concepts, monitor their compliance, and coordinate risk analyses for internal systems and customer environments.
- You ensure that information security is embedded throughout the entire software development and operational process, e.g., through secure development practices, hardening, and authorization concepts.
- You are the central point of contact for information security matters, support customer audits as well as ISO audits, and organize training sessions and awareness measures for employees.
This text has been machine translated. Show original
Our expectations of you
Education
- Completed degree in Computer Science, Business Informatics, or a comparable qualification.
Qualifications
- Ideally, additional knowledge of other standards and frameworks (e.g., BSI Basic Protection, OWASP, NIST).
- Good understanding of IT infrastructures, networks, cloud environments, and software development processes.
- Ideally, certifications in the field of information security (e.g., ISO 27001 Lead Implementer/Lead Auditor, CISM, CISSP, or similar).
- Knowledge of relevant legal frameworks, particularly GDPR and requirements for data processing agreements.
- Strong analytical thinking skills as well as the ability to communicate complex issues appropriately to the target audience.
- High consulting and communication skills and enjoyment in actively promoting information security within the company.
Experience
- Several years of practical experience in establishing, operating, or certifying an ISMS according to ISO 27001.
This text has been machine translated. Show original
Benefits
Health, Fitness & Fun
Food & Drink
Work-Life-Integration
Topics that you deal with on the job
Job Locations
This is your employer
GECKO | Gesellschaft für Computer und Kommunikationssysteme mbH
GECKO steht für innovative Software-Entwicklung. Ob Shop oder Buchungssysteme großer Touristikunternehmen - wir lieben es, die IT-Prozesse unserer Kunden beständig aktuell zu halten und zu erneuern. Und die lieben unsere Qualität und Verlässlichkeit - seit 1990. Diesem Anspruch werden wir mit motivierten Kollegen gerecht. In kleinen Teams und mit flachen Hierarchien sind wir stets am Optimieren, Aushecken, Tüfteln und Kreieren.
Description
- Company Type
- Established Company
- Working Model
- Hybrid, Onsite
- Industry
- Internet, IT, Telecommunication
information security officer
- Location
- Rostock
- Working Model
- Hybrid, Onsite
- Diversity
- Open for all genders
