Senior Information Security Governance Expert (all genders)

Senior Information Security Governance Expert (all genders)

Evotec

Evotec is a global biotechnology company committed to advancing drug discovery & development together with our partners for medicines that matter.

The Global Information Security department of Evotec is searching for a highly motivated and dedicated Senior Information Security Governance Expert (all genders).

Full time and permanent

Responsibilities:

• Support the implementation of the ISO 27001 standard across the organisation with the ability to take the lead on some specific domains such as Identity & Access Management, IT Operation Security, Asset Management or Secure software Development.
• Support the ISMS certification programs, including taking part in internal and external audits.
• Ensure that the organization’s information security policies are maintained and remain relevant.
• Initiate and control the implementation of information security measures.
• Initiate and coordinate target group-oriented awareness and training measures on the topic of information security.
• Conduct Information Security risk assessments (ISMS risks, application and infrastructure risks, TPRM).
• Support customer security assessments and perform supplier security assessments.
• Support information security incident management.

Qualifications:

• Bachelor's or Master's degree in Business Administration, Information Technology, or a related field or an equivalent qualification, or equivalent work experience.
• Sound professional working experience in a complex Information Security Governance environment, including practical years of acting in global information security organizations and belonging teams, ideally in a highly regulated field such as pharmaceuticals, biotech, or healthcare.
• Profound technical knowledge of security technologies as well as of enterprise IT Security solutions.
• Excellent knowledge of security management systems and respective standards (ISO 27001, NIST, CIS, GMP).
• Industry certifications such as PMP, ITIL, Agile are a plus.
• Industry certifications such as ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, CISSP, CISM, SANS, GSEC etc. desired.
• Experience in leading projects in terms of design and assessment of information security structures and processes.
• Proven track record in dealing with complex information security & change projects and meeting conflicting situations and crisis scenarios.
• Ability to adapt to a fast-moving information security landscape and keep pace with latest concepts, new security challenges and cyber threats.
• Thrives on change, showing an ability to develop the information’s security constantly forward.
• Proficiency in verbal and written communication in English. German, French or Italian language skills are an advantage.

Our offer (Hamburg, Germany based):

• A position within a vigorous and exciting professional environment promoted by an open culture and a spirit of community.
• A diverse, international workforce with a dynamic working environment that fosters creativity, innovations and teamwork.
• 30 days of annual holiday, monthly allowance for public transportation, and in-house canteen.
• Capital forming benefits, flexible working hours, holiday pay, and annual bonus depending on performance.
• Benefits may vary by location and will be discussed separately.

To apply, please click on the “Apply” button and provide your application documents (CV and cover letter, including earliest possible start date and salary requirements). We are looking forward to getting to know you and to your application.