Information Security and Risk Manager

The Role

• Strengthening of information security, risk management, and data protection.
• Join a newly formed healthcare venture by leading digital resilience, driving strategic initiatives, managing cybersecurity operations, and fostering a culture of continuousimprovement in information security.
• As the central information security and risk manager, your primary purpose is to provide strategic guidance and operational leadership in the development, expansion, and continuous improvement of group level standards for information security, information risk management, and data protection within the organisation.
• You will play a crucial role in building a high-performance healthcare leader in Europe. With approximately 13,000 employees across Austria, Germany, Switzerland and the Czech Republic, we stand for
  excellence in post-acute care services, ambulatory care, and innovative healthcare services.
• You will serve as the primary demand manager of all cybersecurity services, overseeing their implementation, operation, and enhancement.
• This role plays a pivotal part in safeguarding all the organisation’s digital assets of central and local business units, ensuring compliance with regulatory frameworks, and fostering a culture of continuous improvement in information security.

Responsibilities

• Develop, maintain, update, and enforce IT security policies and guidelines.
• Conduct risk analyses during audits, contributing to the improvement of Information
• Security Management System (ISMS) processes.
• Align with data protection officer and chief information security officer regarding group level policies and fulfilment of legal requirements.
• Monitor compliance with and implementation of group level policies on IT security, information risk management and data protection by all central and local IT units.
• Lead the demand management, implementation, operation, and continuous development of procured IT security services.
• Regularly identify, assess, manage, and test for cybersecurity vulnerabilities.
• Develop action plans and monitor the corresponding implementation tracking process.
• Conduct IT security audits, reviews, and consultations internally and with third-party customers.
• Ensure compliance with legal framework conditions related to IT.
• Maintain and review data protection activities of all central and local IT units.
• Collaborate on cross-functional projects related to information security and risk management.
• Preparation of key figures on IT security performance for the Executive Board.
• Elaborate a gap analysis between the current information risk management and requirements of the information security policy. Analyse IT security violations and incidents, implementing appropriate
  countermeasures as part of the company’s continuous improvement process.

Requirements
Education and Experience

• Profound professional experience in the ICT and cyber security sector
  University degree in information technology, Business Informatics, information security management, or a related field.
• In-depth knowledge of information security principles, risk management, and data protection.
• Awareness of regulatory frameworks, laws, standards, and best practices in information security.
• Practical experience in security technologies, including firewalling, endpoint protection and response (EDR), and vulnerability management.
• Proficiency in industry-standard software applications, project management, and IT security. Experience in leading diverse IT units while complying with group level requirements on IT security
• Experience in collaboration with data protection officer and chief information security officer. Key competencies
• Strong awareness of security, quality, and continuous improvement.
• Excellent communication and presentation skills in both written and spoken German and English.
• Professional appearance, maintaining confidentiality, and confident demeanour with business partners at all levels.
• Strong problem-solving skills, creativity, flexibility, and commitment.
• High level of initiative and a collaborative team spirit.

The offer
A stimulating and diverse role within a dynamic environment, providing promising future opportunities in an internationally successful group.

• PURPOSE: Experience the fulfilment of contributing to a meaningful industry with excellent prospects, dedicated to advancing the health and well-being of humanity
• GROWTH & DEVELOPMENT: They prioritize the personal and professional growth of their employees, actively supporting their ongoing learning and advancement.
• TEAM: Engage in diverse tasks and foster teamwork that champions diversity, equal opportunities, and a spirit of innovation.
• FLEXIBILITY: Enjoy an appealing work environment with flexible working hours within a framework of flexitime and the option for remote work.
• MOBILITY: Benefit from convenient transportation options, whether public transit or by car, with ample parking facilities available.
• BENEFITS: Take advantage of discounted lunch options, complimentary hot beverages, and more.
• HEALTH: Access a range of offerings through the company health management program, prioritizing the well-being of their employees.
• Your compensation package will be customized to align with your qualifications and experience. You will work together to create a personalized agreement that meets your needs and expectations.