Campus Security Officer ensuring safety at Bright Horizons early childcare centers in Seattle. Responsible for access control, surveillance, and emergency response.
VK
Hybrid Manager, Cyber Security – Regulatory Compliance
Posted last month
About the role
- Manager in Cyber Security & Regulatory Compliance overseeing IT security and compliance processes at C.H.BECK, a longstanding media group. Engaging in risk management and collaboration across departments.
Responsibilities
- Establish, operate and continuously develop a group-wide ISMS in accordance with ISO/IEC 27001:2022 and ISO/IEC 42001
- Introduce and enhance structured and partially automated compliance processes, e.g., for evidence collection, controls and audit preparation
- Integrate regulatory requirements (DORA, EU AI Act, NIS2, GDPR) into existing compliance structures
- Prepare, coordinate and support internal and external audits, with a focus on automation and reduced documentation overhead
- Maintain the risk and asset registers and perform standardized risk assessments in IT, AI and project contexts
- Implement AI governance according to ISO/IEC 42001 and establish AI risk management across the entire lifecycle
- Implement the requirements of the EU AI Act for high‑risk AI systems
- Implement requirements for IT risk management, business continuity, disaster recovery and incident management in line with legal and regulatory obligations
- Develop, harmonize and maintain group‑wide security policies
- Work closely with IT, Legal, Data Protection, Procurement, Sales and external auditors, and prepare regular management reports
Requirements
- Degree in Business Law, IT Law, Law & Compliance or an equivalent qualification
- Relevant professional experience in IT law, data protection, compliance, regulation, or in interface roles between Legal and IT
- Strong knowledge of relevant standards and regulations, in particular: ISO/IEC 27001, ISO/IEC 42001, GDPR, EU AI Act, DORA, NIS2
- Documented further training in information security, ideally as an ISO/IEC 27001 Practitioner, Lead Implementer or Lead Auditor
- Experience analyzing regulatory requirements, producing compliance documentation and supporting internal and external audits
- Excellent communication skills and a confident presence with auditors, business units and management
- Structured, independent and solution‑oriented working style with strong analytical skills
- Excellent German and English language skills
- Advantageous: experience with GRC/TPRM tools (e.g., OneTrust, Vanta, Drata)
Benefits
- Sports and health programs — cooperation with EGYM
- Flexible working arrangements: 37.5 hours/week full-time with flextime and home office
- After-work beer, internal staff trade fair, summer and winter company events
- Travel and lunch allowances, parking with e-charging infrastructure, book discounts & much more!
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Sounding and Security Watch responsible for Navy asset security at NSF Diego Garcia. Conducting checks and ensuring safety during designated watch hours with strong situational awareness.
Sales Enablement Manager creating technical content for Upwind Security. Collaborating across teams to translate cloud security concepts into clear narratives for engineers and security leaders.
Security Engineer designing and implementing security measures to protect Snap Inc.'s infrastructure. Collaborating across teams while focusing on threat detection and response strategies.
IT Security & Compliance Head at Lonza leading security strategy and managing global risk. Collaboration with senior leadership to enhance information security across Capsules & Health Ingredients business.
Senior Security Manager leading security for Sanofi meetings and events across North America. Ensuring compliance with global meeting policies and managing event security operations in high - stake environments.
Security Officer maintaining safety protocols at Aloft New Orleans. Responsible for patrolling, monitoring security systems, and assisting guests with safety - related concerns.
Security Detection Specialist responsible for detecting cybersecurity incidents using advanced security technologies. Analyzing data feeds and leveraging security tools for incident detection and reporting.
Senior Incident Response Engineer at Walmart focusing on security threat campaigns to enhance detection and response capabilities. Collaborating with SOC and engineering teams to improve security posture.
Head of Infrastructure & Security at Kinatico, a RegTech leader, focused on cloud infrastructure and security governance. Leading a technically deep team of cloud engineers and security specialists in a hybrid environment.