Director of Information Governance, Risk and Compliance (m/f/d)
Munich, Germany
Job Description
As the Director of Information Governance, Risk and Compliance, you will play a pivotal role in shaping and implementing our organization's cyber security governance, risk management, and compliance strategies. You will be responsible for ensuring alignment with industry standards, regulatory requirements, and best practices, and work closely with the business. This position reports directly to the Chief Information Security Officer (CISO) and involves collaborating with cross-functional teams to safeguard our systems, data, and infrastructure.
DO WHAT YOU LOVE:
- Information GRC Strategy: Continuously develop and improve the Governance, Risk and Compliance strategies and operations model from a business-centric perspective
- Information Risk Management: Lead the process of identification, assessment, and prioritization of cyber security risks across the organization. Develop risk mitigation plans and monitor their implementation to minimize exposure to potential threats, while allowing the business to make better, risk-informed decisions
- Governance Oversight: Establish and maintain effective cyber security governance structures, including committees and working groups, to facilitate decision-making and accountability. Provide regular updates and reports to senior management and key stakeholders on GRC activities and performance
- Information Compliance Management: Lead processes and activities to ensure compliance with applicable laws, standards, and frameworks to allow the business to operate on a global scale and enable the business’ growth. Coordinate audits, assessments, and certifications
- Training and Awareness: Foster a culture of security consciousness and accountability across the organization
Qualifications
COME AS YOU ARE:
- You have several years of experience in a Head of GRC position in a medium or large company, or several years of experience in other GRC roles
- You have in-depth knowledge of relevant frameworks, standards and regulations (e.g., NIST, ISO, SOC 2, etc.)
- You have a proven track record of implementing GRC strategies and processes
- You have strong leadership skills, including communication and interpersonal skills with the ability to collaborate effectively with all levels of the organization
- You have a strong motivation for innovation and building things, and you are not afraid to take on challenges
Additional Information
Working at SIXT not only means creating the future of mobility, but also offers personal benefits. For you, this means in particular: 30 days of vacation, support for pension plans & capital-forming benefits, company car and flexible working hours. You can decide where you want to work from: for up to 50% of your monthly working time you can work completely mobile and from anywhere, and for up to 30 days per year even in other European countries (EU, CH & UK).
In addition, you will of course receive employee benefits for SIXT rent, share, ride and SIXT+, discounts with partners for travel, technology, clothing, etc. as well as free cyber sports courses and numerous trainings for your individual development.
It's also important to balance out your work: That's why you have access to our employee restaurant (and yes, we insist on restaurant, because it's too high quality for a canteen) as well as various recreational opportunities such as our modern SIXT Gym, the gaming area, or the SIXT choir - to name just a few. One day a year you can support the children's aid foundation "Drying Little Tears", an initiative of Regine Sixt, & do something good.
In addition, your colleagues are pretty awesome. Which is important when you spend so much time together, and besides, no wonder when you get a bonus for referring friends as new employees. If something does bother you, you'll always have someone to confide in through regular feedback sessions, employee surveys or our psychological hotline through the Fürstenberg Institute. Otherwise, we live "work hard, play hard" - our parties are legendary! We also demand and promote DiverSIXTy, a corporate culture of acceptance, appreciation, and respect, in which everyone can develop their personality and ideas.
About the department:
We at SIXT are known to always be in the fast lane. To ensure that everything runs smoothly from start to finish, we pull the strings backstage. The protection and safety of our staff on site at the Headquarters in Pullach is as important as the smooth running of all day-to-day matters. Our task is to perfectly implement and maintain the corporate identity in our SIXT locations.
About us:
We are a leading global mobility service provider with sales of €3.07 billion and around 7,500 employees worldwide. Our mobility platform ONE combines our products SIXT rent (car rental), SIXT share (car sharing), SIXT ride (cab, driver and chauffeur services), SIXT+ (car subscription) and gives our customers access to our fleet of 270,894 vehicles, the services of 1,500 cooperation partners and around 1.5 million drivers worldwide. Together with our franchise partners, we are present in more than 110 countries at 2,098 rental stations. At SIXT, a first-class customer experience and outstanding customer service are our top priorities. We focus on true entrepreneurship and long-term stability and align our corporate strategy with foresight. Want to take off with us and revolutionize the world of mobility? Apply now!
Tags: Audits CISO Compliance Governance NIST Risk management SOC 2 Strategy
Perks/benefits: Career development Fitness / gym Flex hours Flex vacation Salary bonus Startup environment