Information Security Management Specialist (m/f/d)

As our Information Security Management Specialist (m/f/d), you'll provide experienced support in the implementation and management of the Information Security Management System (ISMS) framework in alignment with the current ISO 27001 standard and guidelines. With a focus on cybersecurity, this role involves leading risk assessments, ensuring alignment with industry standards and regulations, and following information security practices and policies.

What you will do

• Contribute to implementation, maintenance along with continuous improvement and associated instructional documentation of ISMS and its controls in line with the requirements of ISO 27001:2022 and similar standards.
• Ensure compliance and maintenance of ISO 27001:2022 standard as well as all Information Security requirements with respect to laws, regulations, client requirements, NTT DATA and Group requirements including active participation in internal and external ISMS audits.
• Support in information security audits, performed by organization or third-party personnel.
• Ensure that IT systems are assessed against Information Security criteria and operate in compliance with the instructional Information Security documentation.
• Conduct company-wide gap assessment of ISMS clauses and control implementation.
• Ensure vulnerability management, tracking and reporting.
• Collaborate with the IT department to set Information security standard for Cyber Security
• Support in preparing management Information Security reports and dashboards.
• Review and respond to customer Service Agreements/RFPs/RFIs with respect to Information Security related clauses/questionnaires.
• Actively participate in Information Security External certification audits, internal audits, and gap assessments.
• Perform other security related task as required.

What we are looking for

• Bachelor’s degree or equivalent in Information Technology or Computer Science degree or related field.
• Information Security certifications such as ISO 27001 Lead Auditor/Implementer, CISM, CISA, CRISC, CISSP, CEH, COBIT or equivalent preferred.
• Fluent in English, Multilingual skills are an advantage.
• Skilled proficiency in conducting risk assessments, analyzing security controls, and policy management.
• Excellent communication and interpersonal skills for collaborating with various stakeholders.
• Strong project management skills for handling security initiatives.
• Strong familiarity with aspects related to information security.
• Strong knowledge of ISO 27001 and further relevant standards.

What we offer you

• An agile company culture with short decision-making paths and plenty of opportunities to show personal initiative
• Flexible working time models and mobile working (depending on your role)
• Allowance for the use of public transport and job bikes
• Allowance for the use of health and wellness
• Individual training and development opportunities
• Numerous other additional benefits such as birthday vouchers, employee advisory program, employee referral scheme, lunch allowance, company events, etc.

We are an equal opportunities employer and welcome applications from all qualified candidates. We are committed to creating a diverse and inclusive workplace and encourage applications from underrepresented groups.