METRO/MAKRO
METRO is a partner of many small and mid-sized independent companies. Their success is our business. The group is headed by METRO AG, which acts as the central management holding company.
As a leading international food wholesaler, we at METRO are specialized in catering to the needs of hotels, restaurants, caterers (HoReCa), independent merchants (Traders), and more. With approximately 15 million customers worldwide, our unique multichannel mix offers the flexibility of purchasing goods in-store or via our digitally connected Food Service Distribution (FSD) delivery. In addition, we are continuously expanding our international online marketplace, METRO MARKETS, to meet the needs of our professional customers. We furthermore take pride in our commitment to sustainability which is considered in all our actions and being listed in various sustainability indices and rankings for years is proof for our dedication (e. g. MSCI, CDP, Dow Jones Sustainability Index). With our business operations spanning 32 countries, over 90,000 employees worldwide and generating sales of around €30 billion in the fiscal year 2022/23, we are determined to continue our journey to growth.
At METRO, we have set ourselves ambitious goals with our “sCore” growth strategy which is closely accompanied by our Fundamentals. These shared values provide us with rules of conduct that are binding for everyone at METRO, in all countries and companies. Our commitment to wholesale is at the forefront of our mission, and we are constantly striving to improve. With our ONE METRO spirit, everyone stands together, bringing curiosity, determination, courage, drive, commitment, and trust. Find out more about METRO at careers.metroag.de.
Job Description
Join us in developing and strengthening an entire department and transforming cybersecurity capabilities on a global scale. If you're committed to making a real impact in the field of Cyber Security, you can #ShapeTheM with us.
Besides an interesting professional environment, we offer you a culture that wants you to thrive and allows you to learn from each other:
- We try together, we stumble together, we get up together and shape our future. Be part of our transformation, build cross-functional capabilities and discover new ways of excelling in the Cyber Security field.
- We create impact in the world of food and offer comfort for our customers worldwide. To achieve this, we build capabilities to be the cyber-resilient omni-channel wholesaler.
- We invite you to take on responsibility, make our company your company and create a business together that remains true to its roots but always seeks new solutions.
- Together, we CARRY the M, we GROW the M, we INSPIRE the M, we SHAPE the M.
The purpose of this role is to define the security requirements for the cloud platforms utilized at METRO based on the industry standards and regulations as well as monitor their fulfillment. This role owns knowledge of common security threats, security controls and associated technologies and practices related to securing the relevant IaaS, PaaS and SaaS cloud platforms, cloud services, and associated IT resources based on cloud technologies.
Your Tasks:
- Define a cloud security governance framework and work on continuous improvement to ensure the secure use of cloud services.
- Define and maintain the cloud security processes as part of the cloud operating model and support both cloud governance topics and cloud risk management.
- Carry out security assessments, protection requirements and risk analyses of cloud platforms.
- Create individual concepts to improve the security level and create decision templates for risk treatment (in particular definition of measures to reduce risk).
- Engage with new cloud technologies and participate in their secure implementation.
- Participate in the development of DevSecOps concepts and work closely with other IT teams.
- Ensure compliance with industry standards and regulations.
Qualifications
Educational Background:
- Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or related field.
- A master’s degree or relevant certifications (e.g., CISSP, CCSP, AWS Certified Security - Specialty) is a plus.
Experience:
- Minimum of 3-5 years of experience in cyber security, with a focus on cloud security.
- Proven experience in defining and implementing security requirements for cloud platforms.
- Hands-on experience with cloud security tools and technologies such as AWS Security Hub, Azure Security Center, or Google Cloud Security Command Center.
- Experience conducting security assessments, risk analyses, and developing security concepts.
Technical Skills:
- In-depth understanding of cloud computing concepts and architectures (IaaS, PaaS, SaaS).
- Proficiency in implementing and managing cloud security controls, including identity and access management, encryption, network security, and data protection.
- Strong knowledge of common security threats, vulnerabilities, and attack vectors in cloud environments.
Analytical Skills:
- Ability to analyze complex security issues, identify root causes, and recommend effective solutions.
Additional Information
- We offer to be part of a fast-growing international team that has significant scaling ambitions across multiple markets.
- Work-Life Balance: Trusted working hours, 30 days of vacation and home office options.
- Further training: A comprehensive further training offer over an own training team as well as an own annual training budget.
- Well-being: Health programs, a free fitness studio on our campus and regular employee events.
- Comfort: Very good public transport connections and free parking spaces including charging facilities for e-mobility. A canteen with a varied selection of meals and discounts in our stores and at many partner companies.