Tasks:

• Translate the IT and Information Security Risks and constraints of the business into technical control requirements and specifications, as well as develop metrics for ongoing performance measurement and reporting.
• Lead the execution of security Improvement and supporting security projects that address identified risks and business security requirements.
• Work with your functional manager and the Brose Group CISO to align on goals, plan and specific risks and requirements support.
• Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing with a realistic overview of risks and threats in the enterprise environment.
•  Verifies compliance with security procedures, standards, policies, and best practices.
• Assist resource owners and IT staff in understanding and responding to security audit outcomes.
•  Provide security communication, awareness and training for audiences, which may range from senior leaders to field staff.
• Work as a liaison with vendors and the legal and purchasing departments to establish mutually acceptable risk-level agreements.
•  Manage security issues, incidents and participate in problem and change management forums.
• Provide support and guidance for legal and regulatory compliance efforts, including audit support.
• Work with the IT architecture team to ensure that there is a convergence of business, technical and security requirements.
•  Manage and coordinate operational components of security incident management, including detection, response and reporting to the Brose Group CISO.
• Preparation of reports, analyses, and summaries on the Brose Group Information Security Management System.

We offer:​​​​​​​

• Stable employment.
• Individual career development and promotion opportunities.
• Many financial benefits, e.g. holiday and Christmas pay and performance, annual, attendance and team bonuses.
• Preferential sports packages, subsidised canteen meals.
• Working in a hybrid model.

Requirements:

• Bachelor or master’s degree in information security, computer science, business and computer science or comparable practical business experience.
•  5+ years of IT experience with at least 3 years in an information security role.
• Experience with security frameworks deployment (e.g. NIST, ISO 27001, TISAX, TPISR, SOC2).
• Fluent in English.
• Strong leadership skills and the ability to work effectively with business managers, IT engineering and IT operations staff.
•  Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively.
• Excellent understanding of information security concepts, protocols, industry best practices and strategies.
• Strong project management skills and experience in creating and managing project plans, including budgeting and resource allocation.