Job
- Level
- Experienced
- Job Field
- IT, Security
- Employment Type
- Full Time
- Contract Type
- Permanent employment
- Location
- Moers
- Working Model
- Onsite
Job Summary
In this role, you analyze the security situation in wholesale, develop measures for NIS-2 compliance and KRITIS requirements, implement an ISMS, and conduct risk assessments.
Job Technologies
Your role in the team
- Administrative activities in the field of information security:
- Analysis of the current security situation and derivation of measures to meet the NIS-2 requirements in wholesale and its subsidiaries.
- Support in the review and implementation of KRITIS requirements in accordance with the BSI Act (BSIG) and the KRITIS Framework Act, including the determination of the impact on individual company departments.
- Development and maintenance of a register of critical services and infrastructures within the corporate group.
- Support in the development, implementation, and continuous improvement of a group-wide Information Security Management System (ISMS).
- Development and maintenance of security policies, concepts, and documentation in accordance with NIS-2 and relevant standards (e.g., ISO 27001, BSI IT-Grundschutz).
- Coordination and support of internal and external audits as well as assistance with certification processes.
- Conducting risk analyses and assessing threat scenarios for IT and OT infrastructure.
- Conducting Business Impact Analyses (wholesale and subsidiaries).
- Training and awareness-raising for employees and managers on information security topics.
- Contact person for authorities (especially BSI), supervisory bodies, and external service providers on all matters related to NIS-2 compliance.
- Reporting security incidents to the BSI (legal reporting obligations).
- Monitoring and reporting of security incidents as well as coordination of incident response processes.
- Close collaboration with the IT department, management, and the responsible persons in the subsidiaries.
This text has been machine translated. Show original
Our expectations of you
Education
- Ideally, a completed degree, training as an IT specialist, or a comparable IT qualification.
Qualifications
- In-depth knowledge of the NIS-2 Directive as well as relevant standards and frameworks (ISO 27001, BSI IT-Grundschutz, KRITIS requirements).
- Very good knowledge of German in Word and writing.
- Confident and assertive demeanor.
- Meticulous, independent, and structured way of working.
- High level of motivation and resilience.
Experience
- Experience in establishing and operating an ISMS.
This text has been machine translated. Show original
What we offer
- Great colleagues who work together to create a collegial and team-oriented work environment.
- A comprehensive onboarding process and numerous opportunities to actively develop your skills, contribute your own ideas, and further evolve.
- Exciting and responsible tasks in a dynamic trading environment.
- The opportunity to work with a high degree of independence, responsibility, and considerable scope for shaping your work.
- A secure job with an attractive salary package, including holiday and Christmas bonuses.
This text has been machine translated. Show original
Benefits
Health, Fitness & Fun
Food & Drink
Work-Life-Integration
More net
Topics that you deal with on the job
Job Locations
This is your employer
EDEKA ZENTRALE AG & Co. KG
The EDEKA headquarters in Hamburg is a strategic tool for the further development of the EDEKA network. From here, numerous impulses are sent out to realize cross-sectional goals.
Description
- Founding year
- 1907
- Company Type
- Established Company
- Working Model
- Full Remote, Hybrid, Onsite
- Industry
- Trade
Dev Reviews
by devworkplaces.com
Total
(1 Review)3.5
Workingconditions
4.4Engineering
3.0Career Growth
3.2Culture
3.6
information security officer
- Location
- Moers
- Working Model
- Onsite
- Diversity
- Open for all genders
