IT Risk & Compliance Manager / Information Security Officer (m/f/d)

MEDIAN is part of the MEDIAN Group, one of the leading European providers of medical rehabilitation and mental health. With more than 120 facilities throughout Germany, MEDIAN offers a dynamic and innovative environment for employees in a wide range of treatment areas with diverse entry and development opportunities. As a specialist for rehabilitation and participation, we accompany our patients on the way to recovery and return to society – according to our guiding principle “Life Life”.

We are looking for you as IT Risk & Compliance Manager / Information Security Officer (m/w/d).

ISO 27001 ISMS Management: Ensuring and further developing an ISO 27001 certified information security management system (ISMS) and preparation for re-certification. ISMS: Support in building a Group-wide ISMS and risk management in the context of digital transformation. Compliance & Governance: Ensuring compliance with legal regulations and internal guidelines on IT risks, data protection and information security. Risk management: Creation and maintenance of security policies and implementation of risk analyses and monitoring of critical thresholds. Audit management: organisation of internal and external audits (e.g. ISO 27001) and follow-up of recommendations. Incident & Business Continuity: Monitoring security incidents, post-analysis and support in IT-Service Continuity Management. Third-Party Risk Management: Monitoring security requirements for external service providers and regular due diligence checks. Training & Awareness: Planning and implementing awareness-raising measures for IT security within the company.

Education: Completed studies in (economic) informatics or comparable qualifications. Experience: At least 5 years of professional experience in IT security, especially in risk management, compliance and ISO 27001. Knowledge: Funded expertise in information security, regulatory compliance and IT governance (ISO 27001, NIS2, GDPR). Skills: Experience in implementing and supporting an ISMS, risk assessment methods and IT security concepts. Soft Skills: High communication and organization capability, proactive operation and interest in cybersecurity. Working environment: At least two days of attendance at the IT office per week. Dynamic work environment with the possibility of continuous development in a complex IT area.

A permanent employment relationship with competitive remuneration Exciting and responsible position in a dynamically growing company with a large design space. A friendly and professional team. Flat hierarchies, short decision paths and open corporate culture Mobile and flexible work from home or the headquarters in Berlin incl. Trust work time, notebook and mobile phone for optimal compensation of family and profession Individual training and further development opportunities within the department, as well as specialisation in selected topics - we offer you external training opportunities and support you in continuing vocational training. Occupational pension with employer subsidy, corporate benefits and regular fresh fruit in the office A modern and barrier-free ergonomically equipped workplace in the centrally located office in Berlin-Charlottenburg with a very good underground and bus connection, there lockable bicycle parking spaces and free parking in the area, corporate celebrations and team events