Cyber Security Specialist (m/f/d)

Strategy & Governance: Development and continuous expansion of the cyber security strategy and creation and maintenance of security policies and standards. Integration into infrastructure: Close cooperation with the Infrastructure Team to integrate security measures directly into the system architecture and operation (Security by Design). Operational support: Active support in administrative tasks, the operation of the server landscape and the network management, in particular if these are security-relevant. Risk management: implementation of risk analysis to identify vulnerabilities in IT infrastructure and definition of appropriate mitigation measures. Compliance & Regulatorik: Ensuring compliance with legal and regulatory requirements (e.g. GDPR, NIS2 and industry-specific GxP guidelines in the pharmaceutical environment). Monitoring & Detection: Monitoring of the safety landscape (e.g. via SIEM/SOC) and controlling threats detection measures. Security Awareness: Planning and implementing training measures to strengthen the security awareness of employees throughout the company. Vendor Management: Assessment and monitoring of the safety standards of external service providers and software suppliers.

Education: Successfully completed studies in computer science, business informatics, cybersecurity or a comparable qualification Relevant professional experience in the above-described field of work Methods: Deep knowledge of common safety frameworks and standards such as ISO 27001, NIST or BSI IT basic protection Technical know-how: Funded knowledge in the field of IT infrastructure (virtualization, server OS, network technology) to effectively support the team in operational tasks. Knowledge in the areas of network security, identity and access management (IAM) and endpoint protection. Experience with cloud security (e.g. Microsoft Azure Security Center, AWS). Knowledge of hybrid infrastructure security (on-premise and cloud).

Compliance experience: Experience in implementing data protection regulations (GDPR) and ideally knowledge in the regulated environment of the pharmaceutical industry. Teamplayer mentality: The ability to integrate into a team and take a supportive, solution-oriented role. Analytical thinking: ability to penetrate complex technical relationships quickly and accurately assess risks. Communication strength: The ability to prepare complex security issues for both the IT department and for management and non-technical users in a comprehensible manner. Sovereignty: rest and decision-making even in critical situations (e.g. during an active safety incident). Enforcement assets: The ability to consistently enforce necessary safety measures against operational resistance without jeopardising team dynamics.

We create a working environment that allows performance, leaves spaces and promotes your personal development. You benefit from flexible working hours and 30 days of holiday so that profession and private life remain in line. Fresh dishes are served daily in our on-site canteen, with free drinks and fresh fruit. With a grant to the job ticket, we support you on the way to work – sustainable and comfortable. Thanks to our cooperation with a local day care centre, we also support you in child care. Your future is also at our heart: We offer you an occupational pension scheme and targeted training. .