Head of CISO Audit & Controls (m/w/d)

As a primary digitization partner of the Bundeswehr, we provide stable, safe and efficient IT services in Germany and abroad, from basic operations to the field close to the application and thus contribute to the continuous increase in the leadership and operational capacity of the Bundeswehr. With over 7,700 colleagues, we operate and modernise one of the largest and most complex IT infrastructures in Germany. We are looking for responsible IT specialists who are convinced that the Bundeswehr-IT will further develop in challenging digitalization projects and thus contribute to Germany's security. Take care of our country's digital sustainability together with us. Head of CISO Audits (m/w/d) from now on and in full time at one of our BWI locations. With your application, you declare your consent to the use of property-diagnostic methods by an external service provider as part of the selection process. The area CISO (Chief Information Security Office) covers all aspects of information security in the sense of governance within the BWI – for the BWI itself and also for the customer. The CISO Audit & Control area monitors and monitors compliance with the relevant requirements, guidelines and instructions for action on IT security. The resulting tasks are, inter alia, automated monitoring and control of IT security requirements, monitoring object protection, performing manual checks, checking of IT security requirements in the Go-Live of new IT solutions (Info-SichhK-Check), regular audits of IT systems and service providers relating to the following: Information security on information security and data protection. The department is essentially divided into two areas. One area includes compliance checks and has its own disciplinary leadership, the second area includes audit activities in the above facets.

Responsibility for CISO Audit & Control, including disciplinary and professional leadership of executives and specialist experts, as well as area-related planning and budget responsibility

Design and prioritization of audit objects (internal/external) and controls of the department and sub- department as well as specialist teams. First escalation and decision-making entity, in particular at the interfaces to other departments in the context of reviews, finding and acceptance of mitigating measures

Development and further development of new controls and audits for the realization of dynamic safety processes, such as 'Iterative Approach' and Dynamic Accreditation

Strategic development and automation in the context of information security controls, both on the subject group technical controls and in the entire context of information security audits. In particular, the high dynamics, e.g. in the context of cloud, must be taken into account and the tests and controls must be adjusted accordingly.

Development and implementation of a procedure for risk-oriented control and performance of audits by service providers and manufacturers along the processing and performance of BWI-critical processing operations in coordination with data protection

Identification, development and provision of suitable KPIs and indicators as a contribution to the IS map

Complete university studies in the technical environment or comparable About 10 years of relevant professional and multi-year leadership experience In-depth knowledge of the implementation and automation of information security checks Detection of qualification by recognised specialist organisations (e.g. ISC2, ISACA, TÜV) desirable Experience in auditing IT systems, service providers and manufacturers Cross-disciplinary knowledge to analyze, control and secure complex and networked processes of IT Willingness to continue training in the field of information security High quality and customer orientation as well as high levels of enforcement and conflictability knowledge of the customer's IT organization, ideally with a good network to the decision-making level and/or former cooperation in the Bundeswehr German and good knowledge of English in word and writing

Through varied and socially relevant tasks, we ensure the smooth operation of IT and the digitization of the Bundeswehr The goal is for us. For us, an appreciative approach and a great team spirit are elementary The BWI offers a market-oriented remuneration, a secure workplace and a premised and employee-funded occupational pension scheme You start with 30 days of annual holiday with option for individual adjustments Our Benefit app provides you with a monthly balance and tax relief on tickets for the ÖPNV We allow you flexibility to reconcile work and private life, for example through mobile work or trust work time and the long-term construction of a value balance account for e.g. a Sabbatical We support your professional and personal training through individual measures and free access to LinkedIn Learning