Senior Expert Group Security (Risk Management) (m/f/d)

As Senior Expert Group Security (Risk Mgmt), you play a central role in managing risks across the Group – with a balanced focus on enterprise risk management (ERM) and IT/information security risks You work closely in existing structures with the Enterprise Risk Manager and IT/information security risk management You support the existing Enterprise Risk Manager in identifying, evaluating and monitoring company-wide risks (e.g. strategic, financial, operational risks) and accompany the annual risk cycles and workshops At the same time, you can play a key role in IT risk management: you analyze risks from IT operations, information security, cloud and outsourcing scenarios and take appropriate measures together with the specialist areas. You participate in the development and maintenance of methods, guidelines and processes for ERM and IT risk management and ensure that IT risks are consistently integrated into the Group-wide ERM framework. You carry out risk analyses and scenario assessments, launch address-oriented risk reports for management and bodies, and support the definition and follow-up of measures, as well as appropriate key figures/KRIs You design and moderate risk workshops with disciplines, raises significant risks for transpa-rence and supports decision-making templates for management and bodies In addition, you support existing managers in the design and coordination of training and awareness measures and, together with them, promote the continuous improvement of risk management processes and tools

A completed study or at least. 5 years of relevant professional experience in risk management Knowledge of relevant standards and frameworks such as ISO 31000, ISO/IEC 27001 and ISO/IEC 27005, basic BSI protection and relevant regulatory requirements (e.g. EU-DORA, NIS2 or the like) Safe handling of risk assessment methods (e.g. risk and control assessments, scenario analyses, KRIs) and ideally experience with risk management or GRC tools Embossed Analytical Thinking Power, High Detail Accuracy and the ability to prepare complex facts clearly and understandably for management and departments Communication and moderation strength to lead different stakeholders through the risk and control process – even without disciplinary leadership Joy in a responsible expert role at the interface between business, IT and compliance and max. 10% readiness to travel

Flexible working hours and mobile office in coordination with the supervisor Discounts thanks to the “Corporate Benefits” portal Bike leasing Free drinks & fruit Further training Employee events