Information Security Advisor ensuring risk assessment and compliance for Sun Life business groups. Conducting risk assessments and advising on information security best practices.
About the role
- Senior IT-Security Manager responsible for IT security and compliance in Hamburg office. Overseeing development, implementation, and continuous improvement of information security management systems.
Responsibilities
- Establish, introduce and continuously develop a company-wide Information Security Management System (ISMS).
- Continuously review, enhance and maintain the ISMS.
- Create and update required policies.
- Coordinate with internal business units as well as with the group’s information security team.
- Conduct risk analyses and introduce and coordinate Business Continuity Management.
- Proactively handle security incidents and manage risks and emergency response.
- Design, manage and monitor measures to ensure IT security.
- Create and maintain security documentation, plan and deliver internal training for employees, and promote company-wide security awareness.
- Select and coordinate service providers for Managed Detection and Response, Managed Security Awareness, penetration tests and audits.
- Work closely with IT, management and data protection to integrate requirements into all business processes.
- Prepare for ISO 27001 certification (or comparable standards).
Requirements
- Degree in Computer Science, IT Security or a comparable qualification and relevant professional experience
- Several years of practical professional experience in IT security, information security or IT compliance
- Additional qualification as an Information Security Officer and/or certifications such as CISM, BCM, CISSP, ISO 27001 Lead Implementer/Auditor
- Solid knowledge of risk management, IT compliance and common frameworks (e.g. CIS, CVSS, CWE)
- Experience in developing, implementing and monitoring security concepts and policies
- Analytical and communicative, with strong business and technical understanding and the willingness to work operationally
- Flexibility and willingness to work 2–3 days per week from the office
- Fluent in German and English.
Benefits
- Flexible working hours and hybrid working to support a good work–life balance.
- We cover the Deutschlandticket and additionally offer bicycle leasing via JobRad.
- Health promotion through fitness and massage subsidies as well as regular yoga classes.
- We support your future with a company pension scheme.
- Regular events such as summer and Christmas parties, happy lunches and after-work events.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Auditing clients' organisations and products against ISO 27001 and ISO 22301 standards. Building relationships and improving business performance with a client - centric approach.
Cloud Cybersecurity Engineer modernizing leading multi - cloud environments for Leidos. Supporting USAF system resiliency and security with hands - on cloud experience.
Senior Developer in Application Security at Clio focusing on innovative security solutions. Responsible for proactive vulnerability management in core applications and advising on security best practices.
Enterprise Services Manager leading the Technical Account Management team at Proofpoint. Responsible for maximizing customer value of products and services while ensuring high customer satisfaction.
Information Systems Security Engineer providing technical solutions and support for Department of Defense systems. Leveraging industry knowledge to increase operational efficiencies focusing on classified data systems.
Network Security Architect at Dell influencing security culture and designing secure network environments. Collaborating across teams and developing strategies for modern network security.
Senior Enterprise Security Engineer performing security assessments and threat modeling for Salesforce systems. Collaborating with teams and defining security standards across diverse technology environments.
Fullstack Software Engineer focusing on security to ensure resilience and data protection at health tech company Alan. Involved in building foundational security and authentication systems.
Security Engineer building trust foundations for bare - metal platforms at OpenAI. Designing and operating core security infrastructure for reliable compute platforms across global infrastructure.