Business Information Security Officer - Berlin, Deutschland - GEA Group

GEA Group

Geprüftes Unternehmen

Berlin, Deutschland

vor 2 Wochen

Geschrieben von:

Lena Wagner

beBee Recruiter

Beschreibung

Business Information Security Officer (BISO) HRT:

Job information:

Reference number:

JR

Job function:

Corporate Services & Business Administration

Position type:

Full time

Site:

Berlin
10997 Berlin

Your responsibilities and tasks:

The Business Information Security Officer (BISO) HRT implements the global security and business continuity requirements in the HRT division and specifies/expands them based on divisional information security requirements without being contradictory to the global requirements.

The BISO is the CISO's first contact regarding all security and business continuity topics within GEA's HRT division and responsible for all security and business continuity topics within this division.

Additionally, the BISO HRT is covering the security and business continuity topics for the GEA site in Berlin, where he is acting as a Local Information Security Officer (LISO).

Implements the global security and business continuity requirements and specifies/expands them based on divisional security and business continuity requirements without contradicting the global requirements
Assesses division specific security and business continuity requirements and ensures identification and collection of security demands of the division, division business partners and security business partners
Identifies new security and business continuity needs within the division, especially with regards to trends and risks
Identifies and addresses legal and customer security requirements within the division
Supports the implementation of the global Information Security Management System (ISMS) and global business continuity standards within the division
Implements the global riskbased approach to protecting information and other assets within his division and performs vulnerability management related tasks
Manages information assets and security and business continuity risks on divisional level by working closely with the accountable process owners
Coordinates or performs the Business Impact Analysis (BIA) and defines, tests, and supports the execution of the Business Continuity Plans (BCP) together with the accountable process owners within his scope of responsibility
Establishes and maintain key relationships, collaborations, and partnerships to advance security and business continuity objectives with the divisional leadership, local managing directors, process owners, other business engagement counterparts, IT, facility management, production, product development, legal and compliance and others.
Collaborates with local/global asset owners to ensure all security related controls and measures in his responsibility are implemented, managed, controlled, and reported
Performs security and business continuity reviews and audits within his division and monitors the information security requirements within his division
Can functionally instruct the Local Information Security Officer (LISO) and receives continuous reporting from the LISOs
Participates in the security and business continuity incident handling process in accordance with assigned role during the declaration of the incident
Responsible for reporting security and business continuity incidents in accordance with the incident handling process for his scope of responsibility

Your profile and qualifications:

Bachler or master's degree in Information Technology/ Computer Science / Cybersecurity, Business Administration, or a related technical discipline
Security and Business Continuity Certifications advantageous (

CISSP:
Certified Information Systems Security Professional,

CISM:
Certified Information Security Manager, ISMS Lead Implementor, ISMS Lead Auditor, BCMS Implementer, BCMS Lead Auditor)

IT (Security) Certifications advantageous (e

g ITIL:
Information Technology Infrastructure Library,

COBIT:
Control Objectives for Information and Related Technology,

CISA:
Certified Information Systems Auditor)

5+ years of experience in leading position related to Cyber

- or Information Security

Very well knowledge of (cyber) security technologies and methods (threat landscapes, models, standards) and well as business continuity
Indepth knowhow in managementsystems, audits, dealing with auditfindings
Indepth knowhow in ISO 27001, NIST SP , IEC 62443, ISO 2230
Knowledge security standards such as ISO, PCI, HIPAA and SOX advantageous
Experience in system and network design
Experience in O365 and Azure Security
Experience in multivendor Management and dealing with multiple suppliers
Knowledge in Heating and Refrigeration industry advantageous
IT Service Management and ITIL process framework advantageous
Strong interpersonal skills in communication and collaboration
Negotiation skills at different levels (customers, suppliers)
Strong communication skills, in English, local language is a plus
Strong analytical ability, business acumen, problem solvin