We are seeking an experienced professional in information security management to join a growing consultancy team. The ideal candidate will possess deep expertise in the design, implementation, and continuous improvement of Information Security Management Systems (ISMS), with a strong grasp of international standards and regulatory frameworks.

Key Requirements:

• Language Skills: German language proficiency at C1 level or higher is required.
• ISMS Expertise: Demonstrated experience in implementing and maintaining Information Security Management Systems in line with ISO/IEC 27001.
• Certifications: Possession of ISO/IEC 27001 Lead Auditor or Lead Implementer credentials (or equivalent recognised qualifications) is highly desirable.
• Regulatory Knowledge: Familiarity with relevant regulations such as NIS2 and DORA is advantageous. Exposure to industry-specific standards like TISAX is considered a plus.
• Leadership Experience: Previous involvement in roles such as Chief Information Security Officer (CISO) or Information Security Officer is preferred.
• Technical Proficiency: Hands-on experience in performing risk assessments, conducting internal audits, and developing practical measures to strengthen information security posture.
• Compliance Awareness: Working knowledge of broader compliance requirements, including national IT security standards and data protection laws (e.g., GDPR).
• Interpersonal Skills: Strong analytical thinking, excellent communication abilities, and a client-oriented, solution-focused approach are essential.
• Emerging Technologies: Familiarity with artificial intelligence (AI) applications in the context of information security is an asset.

Primary Responsibilities:

• Advising clients on the implementation and optimisation of ISMS frameworks tailored to their organisational needs.
• Supporting clients through ISO/IEC 27001 or TISAX certification processes.
• Designing comprehensive information security strategies and conducting detailed risk analyses to inform protective measures.