Information & Cybersecurity Compliance Lead (m/f/d)
DEU - Neu-Isenburg, Germany
Boeing
Welcome to the official corporate site for the world's largest aerospace company and leading manufacturer of commercial jetliners and defense, space and security systems. Learn about our passion for innovation, our products, careers and more.Company:
Jeppesen GmbHJob ID:
00000430494Date Posted:
2024-06-28Location:
DEU - Neu-Isenburg, Germany, NLD - Amsterdam, NetherlandsJob Description Qualifications:
At Boeing, we innovate and collaborate to make the world a better place. The safety, integrity and sustainability of our products is at the forefront of all our efforts. At Boeing, you can contribute with your expertise and experience, and accomplish work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. We value diversity and learn from each other.
Digital Aviation Services (DAS) is a Boeing business unit which offers software to airline, business, military, and general aviation customers around the world. We provide many of the world’s airlines, airplanes and pilots with mission-critical, end-to-end flight operations, flight planning, and navigation solutions under the Jeppesen and ForeFlight brands.
We are now looking for a permanent Information and Cybersecurity Compliance Lead (m/f/d) to join our team in Neu-Isenburg, Germany.
As Information Security Compliance Lead will be responsible for leading, planning, executing, and coordinating Information Security Management System (ISMS) initiatives, including ISO27001, NIS-2 and other Information Security frameworks across the organization. This role will involve collaborating with various stakeholders to leverage synergies, minimize rework, and ensure alignment with the company’s overall risk governance framework.
We put great emphasis on your personal characteristics. We value individuals who have an analytical approach to problem solving, critical thinking, strong communication skills both within and outside your team, an interest for technology as well as people, and a curiosity to learn and explore new ways of doing things.
Position Responsibilities:
Lead the planning, execution, coordination and compliance of Information Security Management System (ISMS) initiatives, including ISO27001, NIS-2, and other relevant frameworks.
Develop and maintain project plans, timelines, and budgets for ISMS projects.
Collaborate with the Enterprise Risk Management (ERM) team to integrate ISMS initiatives with the organization's enterprise risk governance framework.
Conduct and coordinate risk assessments and ensure that identified risks are managed in accordance with the company's risk appetite and policies.
Work closely with key stakeholders, including IT, Legal, Compliance, and Business Units, to align and execute ISMS efforts according to organizational goals and minimize rework.
Facilitate communication and reporting to senior management and other stakeholders regarding the status of ISMS initiatives.
Develop, review, and propose updates to internal information security policies, procedures, and guidelines in alignment with relevant certification frameworks.
Ensure documentation is maintained and accessible for audit and compliance purposes.
Design and deliver training programs to increase awareness and understanding of information security and risk management practices across the organization.
Promote a culture of security and risk awareness among employees.
Identify opportunities for continuous improvement in the ISMS and risk management processes.
Stay up to date with industry best practices, emerging threats, and regulatory changes to ensure the organization remains compliant and secure.
Coordinate internal and external audits related to information security and risk management.
Ensure non-conformities are addressed and remediated promptly to maintain certification standards.
Collaborate with external vendors, partners, and stakeholders to enhance our cybersecurity framework.
Ensure compliance with relevant legal, regulatory, and contractual requirements related to cybersecurity and data protection.
Employer will not sponsor applicants for employment visa status.
Basic Qualifications:
Bachelor’s degree in information security, Computer Science, Information Technology, or a related field. A Master’s degree is preferred.
At least one of the following: ISO27001 Lead Implementer or Auditor certification, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certification in Risk and Information Systems Control (CRISC), or equivalent qualification.
Preferred Qualifications:
A minimum of 5 years of experience in information security, risk management, or a related field.
Proven experience in leading certification projects (not necessarily in the ISMS domain).
Excellent understanding of information security management systems and risk management principles. Practical experience with risk management frameworks in a global, matrixed organization would be a plus.
Strong project management skills, including the ability to manage multiple projects simultaneously.
Ability to communicate complex information security and risk management concepts to non-technical stakeholders.
Strong analytical and problem-solving skills.
Proficiency in using project management and risk management tools.
High level of integrity, professionalism, and attention to detail.
Ability to work effectively in a multinational, team-oriented environment and lead cross-functional teams.
Self-motivated and proactive with a strong sense of ownership and accountability.
Outstanding communication skills, both written and verbal, in English. Proficiency in German is a plus, but not required.
Ability to adapt to changing priorities and manage stress effectively in a fast-paced environment.
Working Conditions:
This position may require occasional travel to various international locations.
Flexible working hours may be necessary to accommodate different time zones and project deadlines.
Benefits:
Competitive salary and benefits package.
home-office arrangements.
flexible work hours.
Free breakfast.
Work bike program.
Free charging for electric vehicles.
Access to industry-leading training programs for professional and personal growth.
Relocation: This position is located in a location that does not offer relocation. Candidates must live in the immediate area or relocate at their own expense.
Important information regarding this requisition: This requisition is for a locally hired position in Germany/Netherlands. Candidates must have current legal authorization to work immediately in Germany/Netherlands. Boeing will not attempt to obtain an immigration and labor sponsorship for any applicants. Benefits and pay are determined at the local level and are not part of Boeing U.S. based payroll.
Posting expire day: July 12, 2024
Boeing is the world's largest aerospace company and leading manufacturer of commercial airplanes and defense, space and security systems. We are engineers and technicians. Skilled scientists and thinkers. Bold innovators and dreamers. Join us, and you can build something better for yourself, for our customers and for the world.
Relocation:
No relocation availableExport Control Requirement:
Not an export control positionSafety Sensitive:
This is not a safety sensitive positionContingent Upon Award Program
This position is not contingent upon program awardExperience Level:
Individual Contributor - 4Job Type:
RegularJob Code:
3AQ5I4 (311)* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISM CISSP Compliance Computer Science CRISC Governance ISMS ISO 27001 Risk assessment Risk management
Perks/benefits: Career development Competitive pay Equity / stock options Flex hours Relocation support Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Security Operations Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Architect jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Information System Security Officer jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Analytics-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open TS/SCI-related jobs