Senior Information Security Manager (m/f/d)

ZEISS

Job description
Step out of your comfort zone, excel and redefine the limits of what is possible. That's just what our employees are doing every single day – in order to set the pace through our innovations and enable outstanding achievements. After all, behind every successful company are many great, fascinating people.

In a spacious modern setting full of opportunities for further development, ZEISS employees work in a place where expert knowledge and team spirit reign supreme. All of this is supported by a special ownership structure and the long-term goal of the Carl Zeiss Foundation: to bring science and society into the future together.

Join us today. Inspire people tomorrow.

Diversity is a part of ZEISS. We look forward to receiving your application regardless of gender, nationality, ethnic and social origin, religion, philosophy of life, disability, age, sexual orientation or identity.

Apply now! It takes less than 10 minutes.

The InfoSec Certifications and Governance team is responsible for developing, implementing, and maintaining the ZEISS Information Security Program within the ZEISS Information Security Organization. The ZEISS Information Security Program is aligned with well-known international frameworks and standards and considers requirements from all business functions across the ZEISS group as well as regulatory requirements. Furthermore, the team's responsibilities include Governance, Risk and Compliance Management, Information Security Audit Management, and ISMS operation. As Senior Information Security Manager, you will contribute to the further development and operation of the ZEISS Information Security Program in areas such as the ZEISS Information Security Management System Process, the ZEISS Policy Framework, Information Security in Supplier Relationships and Prototype Protection.

You will

  • Define, develop and review information security policies, procedures, guidelines, forms and templates together with the related Subject Matter Experts

  • Recommend and develop measures to ensure compliance with ISO 27001 as well as other applicable information security requirements and frameworks

  • Work on Information Security Risk Assessments and Analysis to make sure that identified Information Security Risks are treated with appropriate measures

  • Further develop and implement Information Security Auditing across all ZEISS legal entities and locations together with the responsible Regional and Business Information Security Officers

  • Support communication of all matters relating to the ZEISS Information Security Program into all Businesses and Regions

  • Work on further development of the ZEISS GRC tool

  • Shape the Information Security posture of ZEISS globally and in a sustainable way with the ability to bring your ideas to life

  • Be part of a dynamic and motivated team with a passion for Information Security consisting of people of all different experience levels and personalities


  • Apprenticeship / professional education / studies in the field of Information Security (Bachelor's or Master's degree) or equivalent combination of education and working experience

  • >4 years of professional experience in a field related to IT or Information Security, e.g. Information Security Management, ISO 27001, Information Security KPIs, Information Security Incident Management

  • First experience with successful projects related to ISO 27001, Information Security Auditing, and creating and supporting the implementation of policy frameworks on a global scale in complex environments

  • Ability to work in a structured and independent way

  • An analytic personality, including the ability to solve complex tasks and problems by applying innovative thinking

  • A stakeholder manager who brings a hands-on mentality as well as a goal-oriented mindset

  • Fluent English or German language skills

  • French, Spanish or other languages are an advantage