Information Security Program Manager (m/f/d)

We are looking for a

Information Security Program Manager (m/f/d)

(unlimited, full-time) Join our team in Berlin, Münster, Amsterdam, Heerenveen, Luxembourg or Verl – flexible working conditions available.
 

We are looking for an Information Security Program Manager to join our CISO team in our regulated institute that is subject to DORA. This role will coordinate our consulting and assurance teams, advise internal stakeholders on resilience-related domains like information security, business continuity, IT governance, second line audits and ICT third party management.

Key Responsibilities:

• Project & Program Management: Plan, manage, and execute large-scale programs for the resilience domains across the organization. This includes tracking activities, budgets, issues, and escalations effectively, and conducting regular risk assessments and reports to ensure the comprehensive and timely execution of these projects.
• Engagement with stakeholders: Engage with senior management, project team members, and external partners, to assign responsibilities and ensure pre-defined quality objectives are met.
• Process Governance: Own and manage the process map for the CISO team, ensuring governance over more than 100 processes to track and execute according to quality objectives. Provide internal reports on the activities, covering consulting, assurance, and overarching functions.
• Awareness & Outreach: Develop and implement comprehensive awareness campaigns to promote information security practices and embed a culture of security and resilience within the organization. Utilize effective communication strategies to ensure all employees are informed and engaged with the CISO team's initiatives.
• Audit Program Management: Plan and coordinate the internal and external audit and assessment activities of the Assurance team. This includes risk-based second line audit engagements of internal functions, as well as ICT third-party audits and engagements. Supervise stakeholder management. Aim to automate this process over time.

What you need to succeed in the role:

• A bachelor's degree in Business Administration, Computer Science, or a related discipline is required. Advanced degrees or relevant certifications, such as PMP or CISM, are highly desirable.
• Minimum of 2 years in project and/or program management, ideally in large-scale security projects from start to finish, with strong organizational and multitasking skills.
• Professional background and the best experience in areas such as information security, business continuity management, and IT governance are essential. Familiarity with relevant regulations in the financial industry, such as DORA, is highly desirable.
• Excellent verbal and written communication skills in English and preferably in German, with the ability to effectively convey intricate security concepts to non-technical stakeholders.
• Strong analytical and problem-solving skills, proven ability to assess project management issues and formulate effective response strategies.