Information & Cybersecurity Compliance Lead (m/f/d)

Information & Cybersecurity Compliance Lead (m/f/d)

Company:

Jeppesen GmbH

Job ID:

00000430494

Date Posted:

2024-06-28

Location:

DEU - Neu-Isenburg, Germany, NLD - Amsterdam, Netherlands

Job Description Qualifications:

At Boeing, we innovate and collaborate to make the world a better place. The safety, integrity and sustainability of our products is at the forefront of all our efforts. At Boeing, you can contribute with your expertise and experience, and accomplish work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. We value diversity and learn from each other.

Digital Aviation Services (DAS) is a Boeing business unit which offers software to airline, business, military, and general aviation customers around the world. We provide many of the world’s airlines, airplanes and pilots with mission-critical, end-to-end flight operations, flight planning, and navigation solutions under the Jeppesen and ForeFlight brands.

We are now looking for a permanent Information and Cybersecurity Compliance Lead (m/f/d) to join our team in Neu-Isenburg, Germany.

As Information Security Compliance Lead will be responsible for leading, planning, executing, and coordinating Information Security Management System (ISMS) initiatives, including ISO27001, NIS-2 and other Information Security frameworks across the organization. This role will involve collaborating with various stakeholders to leverage synergies, minimize rework, and ensure alignment with the company’s overall risk governance framework.

We put great emphasis on your personal characteristics. We value individuals who have an analytical approach to problem solving, critical thinking, strong communication skills both within and outside your team, an interest for technology as well as people, and a curiosity to learn and explore new ways of doing things.

Position Responsibilities:

• Lead the planning, execution, coordination and compliance of Information Security Management System (ISMS) initiatives, including ISO27001, NIS-2, and other relevant frameworks.

• Develop and maintain project plans, timelines, and budgets for ISMS projects.

• Collaborate with the Enterprise Risk Management (ERM) team to integrate ISMS initiatives with the organization's enterprise risk governance framework.

• Conduct and coordinate risk assessments and ensure that identified risks are managed in accordance with the company's risk appetite and policies.

• Work closely with key stakeholders, including IT, Legal, Compliance, and Business Units, to align and execute ISMS efforts according to organizational goals and minimize rework.

• Facilitate communication and reporting to senior management and other stakeholders regarding the status of ISMS initiatives.

• Develop, review, and propose updates to internal information security policies, procedures, and guidelines in alignment with relevant certification frameworks.

• Ensure documentation is maintained and accessible for audit and compliance purposes.

• Design and deliver training programs to increase awareness and understanding of information security and risk management practices across the organization.

• Promote a culture of security and risk awareness among employees.

• Identify opportunities for continuous improvement in the ISMS and risk management processes.

• Stay up to date with industry best practices, emerging threats, and regulatory changes to ensure the organization remains compliant and secure.

• Coordinate internal and external audits related to information security and risk management.

• Ensure non-conformities are addressed and remediated promptly to maintain certification standards.

• Collaborate with external vendors, partners, and stakeholders to enhance our cybersecurity framework.

• Ensure compliance with relevant legal, regulatory, and contractual requirements related to cybersecurity and data protection.

Employer will not sponsor applicants for employment visa status.

Basic Qualifications:

• Bachelor’s degree in information security, Computer Science, Information Technology, or a related field. A Master’s degree is preferred.

• At least one of the following: ISO27001 Lead Implementer or Auditor certification, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certification in Risk and Information Systems Control (CRISC), or equivalent qualification.

Preferred Qualifications:

• A minimum of 5 years of experience in information security, risk management, or a related field.

• Proven experience in leading certification projects (not necessarily in the ISMS domain).

• Excellent understanding of information security management systems and risk management principles. Practical experience with risk management frameworks in a global, matrixed organization would be a plus.

• Strong project management skills, including the ability to manage multiple projects simultaneously.

• Ability to communicate complex information security and risk management concepts to non-technical stakeholders.

• Strong analytical and problem-solving skills.

• Proficiency in using project management and risk management tools.

• High level of integrity, professionalism, and attention to detail.

• Ability to work effectively in a multinational, team-oriented environment and lead cross-functional teams.

• Self-motivated and proactive with a strong sense of ownership and accountability.

• Outstanding communication skills, both written and verbal, in English. Proficiency in German is a plus, but not required.

• Ability to adapt to changing priorities and manage stress effectively in a fast-paced environment.

Working Conditions:

• This position may require occasional travel to various international locations.

• Flexible working hours may be necessary to accommodate different time zones and project deadlines.

Benefits:

• Competitive salary and benefits package.

• home-office arrangements.

• flexible work hours.

• Free breakfast.

• Work bike program.

• Free charging for electric vehicles.

• Access to industry-leading training programs for professional and personal growth.

Relocation: This position is located in a location that does not offer relocation. Candidates must live in the immediate area or relocate at their own expense.

Important information regarding this requisition: This requisition is for a locally hired position in Germany/Netherlands. Candidates must have current legal authorization to work immediately in Germany/Netherlands. Boeing will not attempt to obtain an immigration and labor sponsorship for any applicants. Benefits and pay are determined at the local level and are not part of Boeing U.S. based payroll.

Posting expire day: July 12, 2024

Boeing is the world's largest aerospace company and leading manufacturer of commercial airplanes and defense, space and security systems. We are engineers and technicians. Skilled scientists and thinkers. Bold innovators and dreamers. Join us, and you can build something better for yourself, for our customers and for the world.

Relocation:

No relocation available

Export Control Requirement:

Not an export control position

Safety Sensitive:

This is not a safety sensitive position

Contingent Upon Award Program

This position is not contingent upon program award

Experience Level:

Individual Contributor - 4

Job Type:

Regular

Job Code:

3AQ5I4 (311)