Information Security Manager

Job Title: Information Security Manager (In-House)

Location: Germany (Duisburg, Düsseldorf, Essen, and Cologne - travel between sites required)

Company Overview:

Our client is a leading organization within the medical sector, operating through a group of specialized brands dedicated to providing high-quality services in the healthcare industry.

With a workforce of around 1,200 employees, this organization operates in a collaborative and dynamic environment, with offices across Duisburg (HQ), Düsseldorf, Essen, and Cologne. The offices are conveniently located near each other, enabling seamless coordination across teams.

Key Responsibilities:

• ISO27001 Compliance: Ensure that the organization remains ISO27001 certified annually, managing the certification process and internal audits to guarantee full compliance with industry standards.
• Risk Management Development: Develop and enhance risk management practices to improve the maturity of the organization’s security framework and address emerging threats effectively.
• Operational Security Enhancement: Implement and oversee operational security measures to safeguard the company’s assets, data, and networks.
• Technical Leadership and Collaboration: Work closely with the IT department to ensure that all security measures are technically sound and aligned with business needs. You will be expected to have a hands-on understanding of technical cybersecurity concepts to effectively communicate and enforce security policies.
• Stakeholder Engagement: Collaborate with key business stakeholders, including the CIO, Head of IT Operations, and Board Executives to drive security initiatives and ensure alignment with broader organizational goals.
• Policy and Governance: Lead the creation, review, and implementation of information security policies, procedures, and guidelines across the organization.

Key Requirements:

Technical Experience:

• 2-3 years in a technical background, ideally as a systems engineer or similar role, with a deep understanding of IT systems.
• 3 years of direct experience in information security, focusing on ISO27001, NIS2, and operational security.

• ISO27001 & NIS2 Expertise: Proven experience in managing or supporting ISO27001 certification, as well as familiarity with NIS2 directives for cybersecurity.
• Language Skills: Fluent in German is a must, as the role will require communication across teams in Germany.
• Collaboration Skills: Strong interpersonal and relationship-building skills, with the ability to work effectively with IT teams and business leaders at all levels of the organization.
• Travel: Willingness to travel between the company’s various offices (Duisburg, Düsseldorf, Essen, Cologne) as needed.

Compensation:

• Competitive salary of up to £100,000.