Head of Information Security - Düsseldorf, Deutschland - METRO/MAKRO

Beschreibung

Head of Information Security (IS), Governance, Risk and Compliance (m/f/d) METRO/MAKRO

View company page

Are you looking for a challenging and rewarding career in the trade sector or will you bring in your passion for the same while developing further personally and professionally? Look no further than METRO As a leading international food wholesaler, we specialize in meeting the unique needs of hotels, restaurants, caterers, and independent traders. With around 17 million customers worldwide, our multichannel approach allows for easy purchasing both in-store, via online order and via delivery – all digitally connected. We operate in over 30 countries, employing more than 93,000 people globally, and our sales reached €29.8 billion in the most recent financial year, aiming to continue our journey of successful growth.

Job Description

Join us, in developing and strengthening an entire department and transforming cybersecurity capabilities on a global scale. If you're committed to making a real impact in the field of Cyber Security, you can #ShapeTheM with us.

Besides an interesting professional environment, we offer you a culture that wants you to thrive and allows to learn from each other:

We try together, we stumble together, we get up together and shape our future. Be part of our transformation, build cross-functional capabilities and discover new ways of excelling in the Cyber Security field.

We create impact in the world of food and offer comfort for our customers worldwide. To achieve this, we build capabilities to be the cyber-resilient omni-channel wholesaler.

We invite you to take on responsibility, make our company your company and create a business together that remains true to its roots but always seeks new solutions.

Together, we CARRY the M, we GROW the M, we INSPIRE the M, we SHAPE the M.

Your purpose as Head of IS Governance, Risk and Compliance (m/f/d):

In this role, you'll lead efforts to elevate METRO's overall maturity by working with Business Information Security Officers to reduce risks in alignment with METRO AG's objectives. Your responsibilities also include running awareness campaigns and automating internal control activities for enhanced information security. You will be leading a team of 7 memebers.

• Defineand develop Information Security Framework (Processes, Guidelines and Standard Operation Procedures) by considering relevant regulatory requirements and international standards and best-practices to secure consistent ways-of-working across METRO in relation of IT and Information Security risks and threats.
• Support and monitor the implementation of METRO Information Security Management across METRO to ensure that systemic and undesired risks are assess are reduced to an acceptable level and within the frame of the risk appetite defined by METRO AG Management board.
• Define and run, with the help METRO entities, awareness campaign and targeted training to increase overall level of knowledge and to secure METRO's employees understanding about their roles and responsibilities to create a more cyber resilient omnichannel wholesaler.
• Support strategic initiatives and programs with security by design activities to secure that Information Security requirements and processes are considered by business stakeholders.
• Support CISO in defining annual objectives and monitor progresses and relevant KPI to be reported to METRO AG Boards.

Qualifications

• Master's degree (MSc) in Computer Science or a Master's in Information Security (MEng).
• 10-15 years of experience in Information Security (IS) Governance, Risk, and Compliance in larger corporations.
• Track record of leadership experience.
• Proven expertise in implementing ISO 27001-based Information Security Management Systems.
• Strong KPI-driven focus.
• Demonstrated ability to enhance organizational maturity and align with METRO's risk appetite.
• Proficiency in developing risk reduction action plans and managing awareness campaigns.
• Experience in automating internal control activities for information security.

Additional Information

• To be part of a fast-growing international team that has significant scaling ambitions across multiple markets.
• Work-Life Balance: Trusted working hours, 30 days of vacation and home office options
• Further training: A comprehensive further training offer over an own training team as well as an own annual training budget
• Well-being: Health programs, a free fitness studio on our campus and regular employee events
• Comfort: Very good public transport connections and free parking spaces including charging facilities for e-mobility. A canteens with a varied selection of meals and discounts in our stores and at many partner companies

Please note that all job opportunities at METRO AG require that you live in/move to Germany and can be in office in Düsseldorf at least 2 times per week. We don't offer 100% remote opportunities.

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.