Information Security Analyst

Information Security Analyst

Frankfurt

Hybrid: 3 days in office

About the Role:

We are seeking an experienced Information Security Analyst to join a dynamic team in Frankfurt or Augsburg. This is a hybrid role requiring 3 days in the office, with travel to other sites in Germany (approx 20%).

As an Information Security Analyst you will be responsible for implementing, managing, and maintaining security processes and policies to protect our clients from cyber threats. You will be working closely with global teams, providing expertise in various information security disciplines, and ensuring compliance with relevant frameworks and regulations.

Key Responsibilities:

• Develop, implement, and maintain information security policies, standards, and procedures.
• Provide expert knowledge in Application and Infrastructure Security, Identity and Access Management, Information Security Incident and Issue Management, and Information Security Governance for both Business and Technology sectors.
• Lead and manage virtual teams of experienced professionals across the global organisation to drive security initiatives and projects.
• Ensure compliance with local, national, and international regulations, including GDPR, German data security standards, ENISA guidelines, and wider EU law.
• Conduct risk assessments and support the Information Security Risk Management process to identify and mitigate potential security threats.
• Collaborate with the development teams to integrate security measures in the software and hardware solutions deployment.
• Stay updated with the latest security trends, frameworks, guidelines, best practices, and regulations such as NIST, CIS, GDPR, ISO, and PCIDSS.
• Manage security incidents and issues, leading the response and remediation efforts in coordination with relevant teams.

Qualifications:

• Completed studies in Information Security or a related field, or equivalent professional experience.
• Certification in one or more of the following: CISSP, ISSMP, CISM.
• Additional certifications such as CEH, CISA, or CRISC are highly preferred.
• Extensive knowledge and hands-on experience with information security principles, policies, and procedures.
• Proven experience in implementing information security principles in business and IT processes.
• Comprehensive understanding of German data security standards and EU regulations.
• Strong leadership skills with the ability to motivate and lead virtual teams.
• Professional level written/spoken in both German and English.