Develop, implement, and maintain the organization's cybersecurity policies, standards, and procedures. Conduct risk assessments, threat modeling, and vulnerability assessments, including technical security audits and penetration testing. Prepare and support internal/external audits and certifications (e.g., TISAX, IATF 16949, ISO/IEC 27001, ISO 31000). Monitor and investigate security alerts, respond to incidents, and manage follow-up actions. Lead improvements in detection and response workflows with SOC and IT stakeholders. Organize, manage, and evaluate external penetration testing and vulnerability scans. Improve security infrastructure such as SIEM, EDR, IDS/IPS, and firewalls. Supervise vulnerability remediation, patch cycles, and endpoint protection strategies. Plan and deliver cybersecurity awareness campaigns, simulations, and targeted training.
Requirements:
Degree in information security, computer science, or a related technical discipline. Further training or certifications in cybersecurity or ethical hacking preferred. Professional credentials such as ISO/IEC 27001, CISSP, or TISAX® auditor are an asset. Minimum of 3 years' experience in a similar role, ideally in an international company. At least 5 years of technical experience implementing security concepts and controls. Familiarity with SOC/CSIRT operations and experience handling major security incidents. Proficient with Microsoft 365 administration, network security, and layered IT architectures. Strong knowledge of security management tools for vulnerabilities, assets, and services. Fluent in English (spoken and written); German or additional languages are a plus. Willingness to travel internationally on occasion. Residence within reasonable commuting distance to Härkingen, or willingness to relocate, is strongly preferred.