Manager (m/w/d) IT Regulatory and Governance in the Field of Information Security and Data Protection

Deutscher Sparkassen Verlag GmbH is the holding company of the DSV Group, the specialized service provider for the Sparkassen financial group. We design the group strategy and the group structure, are the language tube and the distribution of the DSV Group and with shared services in the fields of finance, procurement and personnel at the same time also their internal service provider. We work together in a wide range of tasks to make the savings banks united. Soon with you?

What makes us think? In the DSV Group holding, we have been operating information security and data protection management (short: ISDS) as an integrated management system since 2015. Our internal consulting and auditing as well as risk assessments are made from a casting. We use a professional and modern GRC software to manage our tasks. We operate in the holding company and all DSV Group subsidiaries in the 2nd. line according to three-line model of the IIA. Thematic diversity and cross-disciplinary thinking are on the agenda. The DSV Group has more than it seems: we combine the topics of payment, medial offering and software development under one roof. We are assigned to Regulator and Risk Management and have a direct reporting path to the Chairman of the Management Board of the DSV Group. We advise and audit all hierarchical levels up to top management, which supports us with advice and action. We'll take your hand. Our ISDS team consists of experienced and communicative employees of different age groups with some more than 10 years of relevant expertise. The long service life testifies to long-term motivation and an intact relationship. We master the strict regulatory requirements in the Sparkassen Financial Group and bring your expertise to a new level.

You have fun in complex banking regulators, keep up-to-date changes with impact on the industry and actively propose improvements to optimize our internal control system according to ISO 27001, DORA, GDPR and other industry-specific regulatory requirements. You are part of our central ISDS team and, as a team player, supports the DSV group in providing secure solutions for the Sparkassen financial group and contracting entities. You have a very good sense of the strategic, economic and operational impact of the written order on product management, software development and IT operation. You have a look at the effectiveness and efficiency of our internal audit process and internal consulting and support services, and you have a significant impact on the continuous improvement. With your strategic sense, you accompany cross-border improvement processes, such as the Group IT strategy. You support the organization in the preparation and execution of the annual certification examination according to ISO 27001 and keeps the awareness high even outside the examination period by training measures.

You bring knowledge of your studies with a focus on computer science/economic information technology or your studies in law or comparable, successfully completed vocational training or further qualification. You have gained several years of professional experience in the field of information security (e.g. according to ISO 27001 or BSI basic protection), in particular with regard to the control and improvement of the ISMS. You have collected relevant professional experience in a compliance or governance function in the regulated environment (e.g. critical infrastructure, banking regulators) and brings as much knowledge about DORA as possible. You have several years of professional experience in the field of data protection (e.g. according to GDPR) that complete your profile. You bring a basic understanding of the work in the three-line model of the IIA (here: 2nd line). You have good communication and presentation skills for stakeholders at all hierarchical levels. You have fun in analytical thinking and set a high level of quality on your work results. Ideally, you have obtained a certification with ISDS reference (e.g. CISM, CISSP, ISO 27001 lead auditor, tested DSB).

Pension provision Flexible working time Bike leasing Sports Canteen Mobile work Individual training Company events Holiday days plus Childcare allowance No contractual trial period

JOBV1_EN