Job
- Level
- Experienced
- Job Field
- IT, Security
- Employment Type
- Full Time
- Contract Type
- Permanent employment
- Salary
- 60.000 to 85.000€ Gross/Year
- Location
- Mannheim
- Working Model
- Onsite
Job Summary
In this role, you will enhance the ISMS, conduct risk analyses, advise management on information security issues, and create management reports on security incidents and strategies.
Job Technologies
Your role in the team
- In this position, you will oversee our VED-BS division. This includes brands such as VINCI Facilities, SKE International, G+H Building Services, as well as Zimmer & Hälbig GmbH, G+H Isolierung, R+S Group, and Calanbau.
- Development, maintenance, and further development of the ISMS within the SQUI system of VINCI Energies.
- Ensuring the implementation of the ISMS strategy and policies in accordance with ISO/IEC 27001, BSI IT-Grundschutz, and legal requirements.
- Continuous improvement of the ISMS considering the IT, OT, and cloud infrastructure as well as IT service management (ITSM).
- Consulting management, executives, and employees on all matters of information security.
- Reporting and tracking of information security incidents.
- Support in risk and business impact analyses (BIA) as well as in the development of emergency, recovery, and restoration plans.
- Review of the currency and effectiveness of IT emergency and recovery plans.
- Planning, execution, and follow-up of security exercises and penetration tests in collaboration with quality, security, and BCM officers.
- Conducting risk, threat, and vulnerability analyses in IT/OT/Cloud projects.
- Assessment of the maturity level of the ISMS, including effectiveness controls of corrective and preventive actions (CAPA).
- Conducting and coordinating internal and external audits as well as assessments.
- Regular written reporting to management on the status of information security.
- Preparation of management reports and recommendations as part of the management review.
- Documentation and tracking of all relevant information security measures.
- Promotion of awareness for information security (cybersecurity culture) within the company.
- Support in training and educational measures to strengthen employees' security competence.
- Support for management in collaborating with external agencies (authorities, police, BSI, clients).
- Coordination with Data Protection, Compliance, and Process Management to ensure consistent information security processes.
- Close collaboration with the IT, Data Protection, Compliance, Quality Management, and BCM departments is required.
This text has been machine translated. Show original
Our expectations of you
Education
- Completed degree in Computer Science, IT Security, Business Informatics, or a comparable qualification.
Qualifications
- In-depth knowledge of ISO/IEC 27001, BSI Basic Protection, and relevant legal requirements.
- Analytical thinking, strong communication skills, and assertiveness.
- Familiarity with IT/OT/Cloud architectures and IT service management processes.
- Certifications such as CISM, CISSP, ISO 27001 Lead Implementer/Auditor, or equivalent, are advantageous.
- Very good spoken and written German skills
- Good command of English, both written and spoken
Experience
- Several years of professional experience in information security, IT risk management, or IT compliance.
This text has been machine translated. Show original
What we offer
- Working in an open, collaborative, and collegial team with a wide range of responsibilities.
- Use of current and high-quality technologies and systems, such as Office 365, SharePoint (online), Cloud, Teams (phone system), etc.
- We foster an open, communicative corporate culture with continuous knowledge sharing.
- Exciting projects and new challenges in an international company.
- Promotion, further training, and expansion of professional competence.
- Active shaping and changing of processes.
- 30 days of vacation.
- Salary range depending on qualifications and professional experience between €60,000 and €85,000 per year.
This text has been machine translated. Show original
Benefits
Work-Life-Integration
Health, Fitness & Fun
More net
Food & Drink
Topics that you deal with on the job
Job Locations
This is your employer
VINCI Energies
VINCI Energies is focused on introducing new technologies to stay competitive in a constantly changing world. Two key areas of development are digital transformation and the shift to renewable energy
Description
- Company Type
- Established Company
- Working Model
- Full Remote, Hybrid, Onsite
- Industry
- Internet, IT, Telecommunication
Pole Information Security Officer
- Salary
- 60.000 to 85.000€ Gross/Year
- Location
- Mannheim
- Working Model
- Onsite
- Diversity
- Open for all genders
