ICT Security & Compliance Manager 80-100% (m/f/d)

Our ICT Section consists of 20 highly skilled employees in diverse, interdisciplinary roles that support our entire operation and develop innovative ICT solutions for our mission. As a dynamically growing non-profit organisation with a global presence, we continuously work on transforming and future-proofing our ICT infrastructure and operational processes.

To strengthen our team, we are currently seeking an experienced ICT Security & Compliance Manager (m/f/d) to take on strategic and operational responsibility for the security and compliance of our ICT environment and to play a key role in shaping our ICT security strategy. You will be responsible for the development, implementation, and management of all security measures and compliance policies within our ICT infrastructure. In close collaboration with various ICT and business units, you will create a comprehensive and forward-thinking security strategy and continuously optimize it.

• Development and Implementation of Security Policies: Design and implement security standards based on Microsoft 365 E5 and ensure compliance with relevant requirements.
• Security Architecture and Protection Measures: Introduce and manage security architecture across all systems and devices, with a focus on protecting cloud infrastructure and device security through Intune.
• Compliance Management: Ensure compliance with legal regulations and company policies (e.g., GDPR, ISO 27001). Conduct regular audits and reviews to maintain security and privacy standards.
• Risk Assessment and Threat Analysis: Conduct regular risk assessments to identify potential threats and vulnerabilities. Define and implement measures for risk mitigation and establish a proactive security approach.
• Security Monitoring and Incident Management: Continuously monitor ICT systems for early detection of security incidents. Lead and coordinate responses to security incidents, including root cause analysis and remediation.
• Employee Training and Awareness: Design and conduct training sessions for employees to strengthen security awareness within the company and promote proper IT security and privacy behaviors.
• Collaboration and Consulting: Support and advise the ICT department and other business areas on security and compliance issues, while continuously working together to optimize security policies and processes.

• Professional Experience: Several years of experience in ICT security and compliance, ideally with a focus on Microsoft 365 and cloud security solutions.
• Technical Knowledge: Strong knowledge of ICT security standards and technologies, including Microsoft 365 E5, MFA, Intune, as well as compliance frameworks like ISO 27001 and GDPR.
• Analytical Skills: Solid understanding of risk management, threat analysis, and security protocols. The ability to identify vulnerabilities and develop and implement appropriate security measures.
• Communication and Training Skills: Ability to communicate complex security requirements clearly and to foster security awareness within the company.
• Organizational Skills: Structured and meticulous work approach to manage multiple security projects in parallel and maintain an overview of security and compliance measures.
• Certifications: Relevant certifications such as CISM, CISSP, ISO 27001 Lead Implementer, or similar security and compliance certifications are desirable.
• Experience with Incident Response Managementand technical security measures, as well as a willingness for continuous professional development in the rapidly evolving ICT security landscape, are advantageous.

• Facebook
  
• Xing
  
• Twitter
  
• Google+