Cyber Security Risk Manager (m/f/d)

About the role

We are looking for a Cyber Security Risk Manager to lead compliance, audit and risk activities across the organization. The role will ensure that information security and data protection practices meet legal, regulatory and internal standards.

Key responsibilities

• Monitor and assess adherence to security, legal and regulatory requirements.
• Plan, coordinate and execute internal and external audits, as well as risk and compliance assessments.
• Provide consulting and training to business units and employees on security and compliance topics.
• Identify, assess and track information security risks and implement mitigation measures.
• Prepare compliance status reports and communicate findings to management and stakeholders.
• Collaborate with IT, data protection, legal, internal audit, external auditors and authorities.
• Assist in the preparation and execution of certifications such as ISO 27001 and TISAX.
• Analyze incidents, derive lessons learned and continuously improve security processes.

Required profile

• Proven experience in information security risk management and compliance.
• Familiarity with legal and regulatory frameworks related to data protection.
• Experience conducting audits and preparing certification documentation.
• Strong communication skills to report findings and train staff.

Required skills

• ISO 27001
• TISAX
• Risk assessment methodologies
• Audit planning and execution
• Data protection regulations