Information Security Manager

About the Organization

The organization develops advanced software products that optimize the flow of energy and materials for utilities and industrial environments. With thousands of employees worldwide and decades of technological leadership, the company builds process control systems that support sustainable energy supply, production, and logistics. Solutions combine AI‑driven intelligence with proven industrial optimization methods and can be deployed on‑premises or in the cloud.

The company is strengthening its global security posture and is seeking an Information Security Manager to shape, elevate, and future‑proof its security governance.

Role Overview

As the Information Security Manager, you will lead the organization’s Information Security Management System (ISMS) and drive governance, risk, and compliance initiatives across all business units. You will ensure that security becomes an enabler for innovation and operational excellence. This is a strategic, cross‑functional role with significant influence across engineering, operations, and leadership.

Key Responsibilities

• Lead, maintain, and continuously improve the organization’s Information Security Management System (ISMS).

• Design, refine, and implement security governance, including policies, standards, and processes that are practical and scalable.

• Drive risk management activities: identify, assess, prioritize, and improve how security risks are managed across the organization.

• Conduct and support security reviews, assessments, and reporting, turning insights into actionable improvements.

• Collaborate across engineering, product, operations, and leadership to embed security into decision‑making and promote a shared security culture.

• Participate in due diligence activities for vendors, products, and internal initiatives to ensure secure partnerships and architectures.

• Prepare for and support external audits (ISO 27001, TISAX, and others), ensuring the organization remains audit‑ready.

• Strengthen the organization’s security and compliance culture, driving awareness, training, and knowledge sharing.

• Support incident management with clarity, calmness, and structured execution during critical events.

Your Profile

• Strong expertise in Information Security Management and frameworks such as ISO 27001 or NIST CSF.

• Solid understanding of business and organizational processes, ideally within the software or industrial technology sector.

• Proven experience in security governance, including designing and implementing effective policies and controls.

• Strategic mindset with the ability to balance long‑term vision and operational execution.

• Experience in risk management, including prioritization and mitigation planning.

• Good understanding of cloud security, especially Google Cloud Platform (GCP) and Microsoft 365/Office 365.

• Analytical thinker with the ability to challenge assumptions and shape best practices.

• Ownership mentality — accountable from concept through implementation.

• Familiarity with lean and agile principles and how they support secure development.

• Excellent communication skills, able to engage confidently with technical and non‑technical audiences.

• Fluent in English; German (B2 or higher) preferred.

• Bonus: knowledge of data protection and privacy regulations (GDPR, CCPA).

• Above all: a genuine passion for information security, curiosity, and continuous learning.