Jobbeschreibung
With our strong brands GMX, WEB.DE and mail.com and over 43 million active users, we are the leading email and communications platform in Germany, Austria and Switzerland. From this strong market position, services and apps are developed that simplify users' digital lives - from office tools and cloud solutions to personal ID management.
Your Tasks
Would you like to continue your career in a modern digital company where information security plays a central role? Are you ready to further optimize our security level for over 35 million customers and go the extra mile every day? Then we are looking for you as a (Senior) Security Professional for our Security Governance & Assurance team, which is responsible for the strategic aspects of information security at Mail & Media.- You design and optimize strategic processes (e.g. ISMS, risk management, supply chain management). In doing so, you take into account relevant best practices, compliance requirements and the needs of the company.
- You carry out security audits and assessments both in our internal divisions and at our business partners and suppliers, compile the results in a target group-oriented manner and support the closure of identified gaps.
- You ensure a continuous increase in security awareness in the company by preparing and conducting security training courses and presentations for various technical and non-technical target groups.
- You manage projects that improve the company's security level.
- You create the necessary documentation and represent Mail & Media in external security audits, e.g. ISO27001.
Your Profile
Have you completed a technical degree or comparable training? Do you have several years of experience with strategic information security topics and can translate business requirements into technical security concepts? Are you familiar with modern concepts such as DevSecOps or Policy as a Code? Do you have experience with agile methods and enjoy working hands-on? Then we look forward to receiving your application.- You have successfully completed a degree in (business) informatics or comparable training. You have also already gained several years of experience in the field of information security, which you can prove with demonstrable success.
- You are well versed in the current relevant legislation (e.g. NIS-2, GDPR, ...), security standards (ISO 27000, NIST,...) and best practices (OWASP, ISACA...). Your very good theoretical technical background as well as your high affinity for business topics enables you to use this knowledge profitably in an agile digital organization.
- You follow current trends in the technology industry and enjoy gaining hands-on experience. You take this into account in the results of your work and are also happy to share your knowledge with others. You can engage in a qualified exchange with experts on various current topics such as cloud, microservices, AI or DevSecOps.
- You are a team player who leads by example at all times, demonstrates a high level of change competence through a “bias to action” and constructive behavior, and creates a positive environment even in difficult situations. Your understanding of your counterpart and your commitment help you to gain the necessary trust in the organization.
- Your ability to communicate orally and in writing at all levels (in German and English, both at C1 level) complements your profile.
Our Benefits
- Our corporate culture: No dress code, flat hierarchies, open and transparent communication
- Individual development opportunities: diverse training programmes, e-learning and internal communities, leadership training, language courses, mentoring
- Benefits and additional services: company pension scheme, capital-forming benefits, discounts on own products, job ticket, company car, bike leasing, corporate benefits portal
- Attractive working conditions: 30 days holiday, hybrid working, full-time and part-time arrangements, free choice between Linux, Mac or Windows
- Social: team events, summer and winter parties, family and care service, sports and fitness programmes, subsidised canteen, free fruit and drinks, health courses
- Topics that are also important to us: Sustainability, diversity and our values and leadership principles - find out more on our website mail-and-media.com
With our strong brands GMX, WEB.DE and mail.com and over 43 million active users, we are the leading email and communications platform in Germany, Austria and Switzerland. From this strong market position, services and apps are developed that simplify users' digital lives - from office tools and cloud solutions to personal ID management.
Your Tasks
Would you like to continue your career in a modern digital company where information security plays a central role? Are you ready to further optimize our security level for over 35 million customers and go the extra mile every day? Then we are looking for you as a (Senior) Security Professional for our Security Governance & Assurance team, which is responsible for the strategic aspects of information security at Mail & Media.- You design and optimize strategic processes (e.g. ISMS, risk management, supply chain management). In doing so, you take into account relevant best practices, compliance requirements and the needs of the company.
- You carry out security audits and assessments both in our internal divisions and at our business partners and suppliers, compile the results in a target group-oriented manner and support the closure of identified gaps.
- You ensure a continuous increase in security awareness in the company by preparing and conducting security training courses and presentations for various technical and non-technical target groups.
- You manage projects that improve the company's security level.
- You create the necessary documentation and represent Mail & Media in external security audits, e.g. ISO27001.
Your Profile
Have you completed a technical degree or comparable training? Do you have several years of experience with strategic information security topics and can translate business requirements into technical security concepts? Are you familiar with modern concepts such as DevSecOps or Policy as a Code? Do you have experience with agile methods and enjoy working hands-on? Then we look forward to receiving your application.- You have successfully completed a degree in (business) informatics or comparable training. You have also already gained several years of experience in the field of information security, which you can prove with demonstrable success.
- You are well versed in the current relevant legislation (e.g. NIS-2, GDPR, ...), security standards (ISO 27000, NIST,...) and best practices (OWASP, ISACA...). Your very good theoretical technical background as well as your high affinity for business topics enables you to use this knowledge profitably in an agile digital organization.
- You follow current trends in the technology industry and enjoy gaining hands-on experience. You take this into account in the results of your work and are also happy to share your knowledge with others. You can engage in a qualified exchange with experts on various current topics such as cloud, microservices, AI or DevSecOps.
- You are a team player who leads by example at all times, demonstrates a high level of change competence through a “bias to action” and constructive behavior, and creates a positive environment even in difficult situations. Your understanding of your counterpart and your commitment help you to gain the necessary trust in the organization.
- Your ability to communicate orally and in writing at all levels (in German and English, both at C1 level) complements your profile.
Our Benefits
- Our corporate culture: No dress code, flat hierarchies, open and transparent communication
- Individual development opportunities: diverse training programmes, e-learning and internal communities, leadership training, language courses, mentoring
- Benefits and additional services: company pension scheme, capital-forming benefits, discounts on own products, job ticket, company car, bike leasing, corporate benefits portal
- Attractive working conditions: 30 days holiday, hybrid working, full-time and part-time arrangements, free choice between Linux, Mac or Windows
- Social: team events, summer and winter parties, family and care service, sports and fitness programmes, subsidised canteen, free fruit and drinks, health courses
- Topics that are also important to us: Sustainability, diversity and our values and leadership principles - find out more on our website mail-and-media.com