Senior InfoSec Expert – ZEISS Security Engineer Program Office (f/m/x)

ZEISS

Job Description
Step out of your comfort zone, excel and redefine the limits of what is possible. That's just what our employees are doing every single day – in order to set the pace through our innovations and enable outstanding achievements. After all, behind every successful company are many great fascinating people.

In a spacious modern setting full of opportunities for further development, ZEISS employees work in a place where expert knowledge and team spirit reign supreme. All of this is supported by a special ownership structure and the long-term goal of the Carl Zeiss Foundation: to bring science and society into the future together.

Join us today. Inspire people tomorrow.

Diversity is a part of ZEISS. We look forward to receiving your application regardless of gender, nationality, ethnic and social origin, religion, philosophy of life, disability, age, sexual orientation or identity.

Apply now! It takes less than 10 minutes.

The Senior Security Expert- ZEISS Security Engineer Program Office is responsible for the coordination, facilitation, and organization of all activities within the ZEISS Security Engineer Program Office. He acts as the key contact person, around the organization of the Programs, defines, enables, and monitors rules and operational principles of the Programs, and ensure efficiency and effectiveness in the way of collaborating and working within the Programs. He support the coordination, and the creation of Security Engineer working groups and oversight the proper function as well as the deliverable out of the Program. He has the responsibility to document maintain and update important information or decisions around the Programs (including the SecEng directory, the training provider directory, annual follow-up of certifications, etc.).

  • Manage, plan, execute and (cost-) monitor the project portfolio optimizing the ZSE (ZEISS Security Engineer) program, its community and interested employees i.e., community concept, participant management & directory, InfoSec license extension

  • Development of a reporting and governance structure to tactically monitor and oversee the ZSE project portfolio

  • Conduction of onboarding for new and individual operative support of active ZSEs in order to provide an even more personalized learning plan and directly consider business

  • Detailing and operationalizing general administrative topics into specific projects i.e., ZSE onboarding concept to optimize the ZSE program towards more efficiency and higher UX

  • Identifying automation potentials and implementing needed quick automations via MS Power Automate or other quick RPA tools; i.e., automated mailings to program office, HR, etc.

  • Critically challenge the ZSE program to continuously improve the processes for administration, academy and community

  • Consistent and KPI-backed communication towards ZSEs incl. development of communication plans and guidelines to proactively support the change management processes i.e, tool implementations

  • Management and facilitation of the community structure to strengthen knowledge exchange, team building between InfoSec groups and include ZEISS business needs

  • Assessment, selection and management of 3rd parties (i.e., CHR, SMEs/BSEs, etc.) for the organization and conduction of internal team building events, award ceremonies and conferences for a strong ZSE community (i.e., secure coding events, hackathons, etc.)

  • Continuously evaluate trends and domains on Information Security including their necessity and (business) impact on ZEISS and the ZSE program (i.e, AI, ransomware, social engineering, NIS2 etc.) to always preserve the recency of information security at ZEISS

  • Leading and managing projects to optimize the InfoSec educational programs to increase quality and recency of contents i.e, Information Security fundamentals, domain specific knowledge


  • 5+ years of experience in solution development and operation, including in positions such as Agile Coach, product Owner, or Project manager

  • Strong experience in secure digital solution design or development /engineering (SW and HW) in large organization

  • Strong Secure DevOps development practices, and experience in secure CI/CD pipelines.

  • Strong expertise in Community management as well as stakeholder expectations and experiences management

  • Understanding of staff education, e-learning, knowledge management

  • Excellent written and oral/digital communication skills with multiple levels of leadership involving both business and technical sides of the business

  • Demonstrated passion for understanding ambiguous, complex problems and driving high-quality, innovative, and robust solutions.

  • General Information Security proficiency

  • Technical leadership mindset, proactive and result oriented.

  • Solid knowledge of industry Security standards and technology such as ISO27002, etc.

  • Ability to work under pressure and make sustainable decisions in time-critical situations

  • Proactive attitude and high degree of independence

  • Business fluent knowledge of English and German, further languages are of advantage

  • Experience in leading initiatives, activities or communities leveraging global teams with matrix resources

View More