Information Security Manager (f/m/d)

Welcome to ZEISS – a company that combines innovation and responsibility! Our corporate functions are various and make a decisive contribution to the orientation strategic and sustainable success of ZEISS.

Corporate Information Technology (CIT) is the central part of the company's strategy, developing and implementing innovative security solutions to enhance efficiency and competitiveness in the Carl Zeiss Group. By working closely with various business units, CIT ensures that technological advancements and digital transformations are seamlessly integrated into business processes.

Your role

Aa an Information Security Manager you take over ownership and steering of complex domains and activities on a global scale. As domain responsible, the Information Security Manager is steering a dedicated InfoSec domain in line with corporate and business InfoSec demands and objectives.

Take over ownership for a dedicated cross-functional InfoSec domain and drive the development of the area of responsibility globally

Contribute to risk management by identifying and assessing InfoSec risks related to the field of responsibility and defining and proposing mitigating actions

Develop the domain-specific strategy and roadmap by proposing long-term goals in alignment with other InfoSec domains and the corporate and business InfoSec strategy

Handle incoming requests and requirements as the first point of contact for the dedicated InfoSec domain and drive InfoSec programs, initiatives and projects according to oriented priorities and objectives

Engage with stakeholders across the organization to ensure the alignment of InfoSec goals, priorities and initiatives

Lead and orchestrate security (project) teams and provide guidance for less experienced staff members

Apprenticeship, studies or professional education in Information Security Management, Business Administration, Corporate Governance, Management, IT, Engineering or a related discipline (Bachelor's or Master's degree) or an equivalent mix of education and professional experience.

Several years of professional experience in a field related to IT, Information or Cyber Security, e.g. Information Security Management, ISO 27001, Information Security KPIs, Information Security Incident Management.

One or more relevant and current information security certifications from an established organization (such as ISACA, ISC2, CompTIA, EC-Council, GIAC, OffSec or vendor-specific certifications).

Knowledge and experience in managing and driving information security projects across multiple stakeholders in a global business environment.

Ability to solve complex tasks and problems, applying innovative thinking

Ability to work in a structured and independent way and to associate technologies requirements, understand complex environments, business

Ability to interact with fellow employees, stakeholders, incl. functional peer group managers, involving matters between functional areas, other company divisions or units

High level of personal resilience and self-driven, results-oriented approach to work

German (fluently) OR English (fluently), other languages advantage