Head of Security (m/f/d)
Munich, DE, 81677
Giesecke + Devrient GmbH
G+D shapes trust in the digital age, with built-in security technology in three segments: Digital Security, Financial Platforms and Currency Technology. G+D makes the lives of billions of people more secure. We develop innovative products and solutions to secure payments, identities, connectivity and data. With more than 160 years of experience and new passion every day. As an international technology group and traditional family business with over 14,000 employees in 32 countries.
We are convinced that various central banks will introduce a digital version of their currency, a so-called Central Bank Digital Currency (CBDC) in the coming years. This will create an entirely new market for products and services that fit perfectly with Giesecke+Devrient's product portfolio. It especially requires an outstanding team to deliver a disruptive innovation of that magnitude. For this, we have set up G+D advance52 GmbH as an independent start-up with a team that has a clear mission for growth and to create a substantial product business.
Security is the most crucial prerequisite for the introduction and operation of a CBDC ecosystem. In this domain we expect yet-to-be-defined security standards that go well beyond those of standard payment rails. We need to ensure that we guarantee the required security in terms of our technical design, the product portfolio we build, the operation of a CBDC ecosystem and also from an organizational perspective. We are therefore looking for a Head of Security - CBDC (m/f/d) to take on these challenging tasks and ensure that we provide the level of trust that G+D has been valued for by its customers for 170 years.
Your Responsibilities:
- Define and continuously assess the security strategy of our CBDC product offering
- Derive the security requirements of the solution, at individual component and system levels, based on the business use cases and in close alignment with the corporate security strategy
- Develop and maintain a security management system that fosters appropriate training and awareness related to software development security, including secure coding practices and threat modelling
- Conduct and coordinate internal security audits of software development processes and tools, and manage external audits related to software development practices
- Ensuring Compliance with Security Standards: Establish, improve and maintain adherence to an information security management system (such as ISO 27k) as well as internal policies
- Constantly raise awareness of security-related topics among all teams and advise on how to implement relevant security measures in our development processes and secure operations
- Authority to lead major security-related incident, emergency and crisis situations and represent G+D advance52 in a corporate crisis team in case of overarching security incidents
- Point of contact for security-relevant industry organizations, other customers' security departments and relevant authorities
Desired experience:
- Master's degree in computer science, security / information security or a related field including engineering, mathematics, physics and other STEM subjects, or equivalent professional experience (5+ in a comparable position in industry or public functions)
- Several years of professional experience in security management functions
- Experience with internal investigations and incident management
- Relevant certifications in the field of Information Security Management are an advantage (e.g. CISA, CISM, ISO 2700x Auditor)
- Knowledge and practical experience in the application of relevant standards and norms (e.g. ISO 27xxx, Common Criteria, PCI SSC guidelines, NIST Cybersecurity Framework)
- Experience with security audits, certifications and the planning, implementation and follow-up of internal and external audits in connection with the group risk management system
- Distinct ability to communicate security problems in a target group-oriented manner
- Plus: Experience in IT security at a critical infrastructure/governmental level
- Plus: Knowledge and practical experience in the application of relevant standards and norms (e.g. OWASP SAMM, Common Criteria, PCI SSC guidelines, NIST Cybersecurity Framework)
Benefits:
- You will play a driving role in shaping our CBDC solution, thereby having the potential to revolutionize the future of payments
- You will have the opportunity to gain deep knowledge in the cutting-edge area of central bank digital currencies
- You will be empowered to achieve your maximum potential through a supportive environment that places trust in your abilities and celebrates your accomplishments
- All that matters here are your work and the results; where and when you work is flexible
- A competitive market-standard salary
We are an equal opportunity employer! We promote diversity in all its forms and create an inclusive work environment, free from prejudice, discrimination and harassment, in which all employees feel a sense of belonging. We warmly welcome all applications regardless of gender, age, race or ethnic origin, social and cultural background, religion, disability and sexual orientation.
Contact: Hannah Distler, career@gi-de.com, https://career5.successfactors.eu/career?company=gieseckede&career_job_req_id=25107&career_ns=job_application
Tags: Audits CISA CISM Compliance Computer Science ISO 27000 Mathematics NIST OWASP Physics Risk management SAMM Security strategy STEM Strategy
Perks/benefits: Career development Competitive pay Startup environment