Job
- Level
- Senior
- Job Field
- IT, Security
- Employment Type
- Full Time
- Contract Type
- Permanent employment
- Location
- Hamburg
- Working Model
- Hybrid, Onsite
Job Summary
In this role, you design security measures, conduct internal audits, and advise departments on compliance with security standards like ISO 27001 and KRITIS, while creating security policies and conducting information security training.
Your role in the team
- You assist in the design, implementation, and monitoring of security measures and processes in our hybrid environments.
- You independently conduct internal Friendly Audits, identify potential weaknesses, non-conformities, and risks concerning standards such as ISO 27001, KRITIS/BSIG, as well as our internal regulatory framework.
- You actively contribute to the development of solutions and the improvement of our GRC processes.
- You advise and support our specialist departments in complying with policies and regulations, particularly in the areas of IAM (Identity & Access Management), DR/BCMS (Disaster Recovery / Business Continuity Management System), and Application Security.
- You contribute to the development and maintenance of security policies, standards, and documentation, including in the context of tool-based ISMS and GRC platforms.
- You assist in the analysis and assessment of security incidents and support in their resolution.
- You contribute to raising awareness and training employees on information security topics.
This text has been machine translated. Show original
Our expectations of you
Education
- Completed degree/training with relevant professional experience. Consulting background is a plus.
Qualifications
- Knowledge of tool-based ISMS and GRC platforms is helpful.
- Strong analytical and conceptual skills as well as an independent working style.
- Strong communication skills and the ability to present complex issues in an understandable manner.
- Fluent in German and proficient in English, both written and spoken.
Experience
- 5 years of professional experience in information security, IT risk management, or IT compliance.
- Excellent knowledge of common security standards and frameworks such as ISO 27001, KRITIS/BSIG, and experience with internal regulatory requirements.
- Experience in conducting audits or reviews is advantageous. A related certification (e.g., CISA, CISM, CRISC) is a plus but not a strict requirement.
- Practical experience in at least one of the following areas: hybrid environments, IAM, DR/BCMS, or Application Security.
- What matters is your experience as well as your passion for the topic of information security.
This text has been machine translated. Show original
What we offer
- Deployment of leading technologies and agile processes.
- You work for an award-winning employer whose corporate culture is characterized by an open and collaborative environment.
- Flexible working hours; remote work is also possible by arrangement.
- Extensive training and development opportunities.
- 15% discount on otto.de and other shops, subsidy for the Deutschlandticket, retirement provision, JobRad, various sports and leisure activities, and much more.
- Discounted and diverse food options in our modern canteen.
This text has been machine translated. Show original
Benefits
Work-Life-Integration
More net
- 🏝️Summer and Christmas Bonus
- 📱Company Phone for Private Use
- 🛍Employee Discount
- 💻Company Notebook for Private Use
- 👴🏻Company Retirement Provision
Health, Fitness & Fun
Food & Drink
Topics that you deal with on the job
Job Locations
This is your employer
Hermes Germany GmbH
Hermes Germany is a leading logistics provider based in Hamburg. We partner with numerous online retailers and multi-channel merchants both in Germany and abroad. Our focus is on delivering packages nationwide.
Description
- Company Type
- Established Company
- Working Model
- Hybrid, Onsite
- Industry
- Logistics, Transportation
Information Security Manager
- Location
- Hamburg
- Working Model
- Hybrid, Onsite
- Diversity
- Open for all genders
