Information Security Officer IAM (ITSO-IAM) (m/f/d)

Enforce security policies in local and Microsoft 365 environments Ensuring compliance with third-party internal security standards Checking and monitoring of safety protocols both of local infrastructure and of working area Coordination of response to incidents between internal teams and third parties Monitoring the vulnerability management and ensuring the timely elimination of identified risks Review of the third-party patch management processes Promoting security awareness and ensuring appropriate security practices among users Support in the implementation, maintenance and continuous improvement of identity and access management processes (IAM) and appropriate controls in accordance with regulatory requirements (e.g. DORA, BaFin, ISO 27001) Ensuring the proper implementation of JML processes (Joiner, Mover and Leaver), including the provision, modification and cancellation of user access Monitoring of identity and access management (IAM), including MFA, RBAC and audits of privileged access Support for internal and external audits through the preparation of evidence for access control and follow-up of remedies

We are looking for a structured, security-conscious and detailed expertise with interest in identity and access management in regulated environments. You are familiar with audit requirements and ensure traceability and effectiveness of control measures. 2–5 years of professional experience in IT security, IAM or cyber security, ideally in a regulated environment Completion in Information Technology, Computer Science, Cybersecurity or a related field Good understanding of IAM principles, including JML processes, access checks, task separation and management of privileged accounts Experience in the support of audits, access control checks and follow-up of remedies Good understanding of IT security frameworks and regulatory requirements (DORA, BaFin, ISO 27001, GDPR) Confidence with authentication and authorization mechanisms Ability to check configurations and question technical setups Tools & abilities: Confidence with directory services and IAM tools (e.g. Active Directory, Microsoft Entra ID, IAM/IGA (Identity and Governance Administration)) Experience with ticket and documentation tools (e.g. Jira, Confluence) Ability to query and investigate protocols (Microsoft Sentinel or other SIEMs), identify anomalies and track incidents Understanding firewalls, VPNs, segmentation and traffic streams (even if managed by the provider, you need to validate and question them) Experience with scanners (e.g. Nessus, Qualys) and the ability to interpret results and prioritize remedial measures Basic understanding of authentication methods (MFA, SSO, Conditional Access) Experience in the documentation of processes, controls and test evidence Ability to question third-party configurations (make the right technical questions, check configurations, not only reports) Structured and reliable operation Team-oriented thinking with pronounced communication skills Liquid English and German in Word and Writing (level C1/C2 required)

Participation in building an independent KVG Flat organizational structures, fast decision-making and an agile working environment Individual training budgets and professional development perspectives Attractive compensation package Hybrid work (2-3 days / week on site in Düsseldorf) Flexible working hours A modern office in a convenient location in Düsseldorf College, highly motivated environment