IT Security, Risk and Compliance Manager (with German)

The IT Security, Risk and Compliance (IT SRC) Manager leads the IT SRC activities within Germany, Austria and Switzerland (DACH).

She/he supports the EMEA Head of IT SRC to ensure the Confidentiality, Integrity and Availability of the Akkodis DACH information assets and its customers.

She/he is accountable for the rollout of the Akkodis Group IT SRC policy framework within its scope of responsibilities to ensure all projects in scope are delivered in conformance with Group Standards.

She/he ensures that operational, legal, regulatory and security risks are assessed and mitigated with adequate controls per the business requirements and Enterprise Architecture.

She/he is the privileged point of contact of the IT SRC function within DACH and drives and leads the local governance.

Its scope of responsibilities includes all the IT Security, Risk and Compliance activities within Germany, Austria and Switzerland (DACH).

Main tasks include specifically:

• Lead the DACH IT SRC team and manage the related team members who report to him/her.
• Support the Akkodis EMEA Head of IT SRC and DACH heads of IT in implementing the Group Information Security Strategy.
• Ensure that the Group IT Policy & Control framework is communicated and publicized and ensure that risk assessments are carried out timely and in line with established procedures.
• Run the local IT SRC governance in alignment with the EMEA IT SRC governance and strategy.
• Drive and lead the team’s work to ensure customer IT security requirements are assessed before agreement and adequate Security Action Plans are defined, agreed and funded by the business when relevant.
• Ensure the support provided to the business meets quality and SLAs when answering RFPs/RFIs, due diligence and supporting projects.
• Ensure business impact assessments on projects and technology onboarding are performed, and appropriate security requirements are defined, and implementation monitored.
• Lead the team to guarantee suppliers are assessed.
• Ensure Group Information Security Awareness Initiatives and end-user training are deployed.
• Ensure risks are assessed and managed through their life cycle and provide visibility to Management.

Key Stakeholders:

Internal:

• EMEA IT leadership team & business partners
• EMEA IT SRC
• Internal Auditors
• GRC Services & Strategy
• Legal & Procurement
• Project Managers
• Business/Delivery Managers
• IT function
• IT Architects & IT Security Architects
• DACH Top management

External:

• Suppliers & Vendors
• External auditors
• Customers IT & IT Security

• Deep understanding of security concepts, issues and practices related to operating systems, databases, networking, virtualization and web applications.
• A solid grounding in common Information Security concepts (OWASP, IAM, SIEM, DLP, etc.).
• Capacity to examine security holistically, including threat modelling, specifications, implementation, testing and vulnerability assessment.
• Practical knowledge of ISO27001 and/or TISAX standards.
• Knowledge of German and/or NATO standards for restricted zones in defence environment (IGI 1300, II 901, etc.) desired.
• Leadership skills

• Experience in implementing ISMS and obtaining ISO27001 (or TISAX) certifications in an international environment.
• Experience being the face of IT Security at the country level.
• Experience of leading a team of IT security experts.
• Experience with Germany and/or NATO standards for restricted zones in a defence environment is a plus.
• Experience in a consulting firm is a plus.
• 10+ years of experience in IT security risk management.

Education

• Hold or willingness to get certified one or several relevant security certifications (e.g. CISSP, CISM, CISA or similar).
• ITIL practitioner.
• MSC in IT or IT Security preferred.

Personal Attributes

• Able to evaluate information, identify critical issues and formulate conclusions based on sound, practical judgment, experience and common sense.
• Experience with and sensitivity to different cultures.
• Good in leadership, inspiring, encouraging and providing constructive criticism to help improve colleagues’ performance.
• Ability to build pro-active, cooperative working relationships with customers, peers and key stakeholders based on respect and teamwork.
• Good ability to convince and influence stakeholders from all backgrounds.
• Ability to work under pressure to deliver.
• Good to excellent command of English, both in writing and verbally.
• Good to excellent command of German, both in writing and verbally.

It’s an exciting time to be part of our team. We’re proud to be a global thought-leader and care about doing the best job we can to ensure better futures for everyone. We do this by building our Future@Work strategy as a united team of 30,000+ colleagues with a collective spirit working in over 60 countries globally.

You’ll have the opportunity to grow across a variety of interesting jobs and careers over our extensive portfolio of global brands. We empower our colleagues to work in the smartest, most efficient ways to achieve total balance between the demands of their jobs and their lives. That’s why we give you the autonomy and support you need to work in the way that makes you most productive, agile, confident, and insightful.

Putting people first, pioneering with a collective spirit and always advancing with a growth mindset -that’s what we stand for at the Adecco Group. Here, we are all individuals with a unique perspective on the world we live in. That’s what makes us stronger. Whoever you are and whatever your background, you can be yourself. So, we aim to build on the attributes that make you, you. We offer a range of world-class resources for upskilling and development, satisfying your curiosity while the sharing skills, knowledge, and expertise to grow together.

Make an impact where it matters most.

We believe that having an understanding of the hiring process helps you to prepare, feel, and be, at your best. As a global, multi brand organization with multiple different roles, our application process can vary.

On our career site, you will find some of the key steps you can expect to guide you along the way.

As one of the world’s largest employers we believe in talent, not labels, and focus on the diverse and unique skills our people bring. We seek to foster a culture of belonging and purpose, an environment where everyone can thrive and feel engaged, and where difference is respected and valued. Our commitment to equity, equal opportunity, inclusion, and diversity is part of our broader commitment to respecting fundamental human rights across our value chain. The Adecco Group is proud to be an Equal Opportunity Employer.

Posting date: 08-12-2024