Process Owner for Information Security Incident Management (m/f/x)

Step out of your comfort zone, excel and redefine the limits of what is possible. That's just what our employees are doing every single day – in order to set the pace through our innovations and enable outstanding achievements. After all, behind every successful company are many great fascinating people.

In a spacious modern setting full of opportunities for further development, ZEISS employees work in a place where expert knowledge and team spirit reign supreme. All of this is supported by a special ownership structure and the long-term goal of the Carl Zeiss Foundation: to bring science and society into the future together.

Join us today. Inspire people tomorrow.

Diversity is a part of ZEISS. We look forward to receiving your application silence of gender, nationality, ethnic and social origin, religion, philosophy of life, disability, age, sexual orientation or identity.

Apply now! It takes less than 10 minutes.

Corporate Information Technology (CIT) is the central part of the company's strategy, developing and implementing innovative security solutions to enhance efficiency and competitiveness in the Carl Zeiss Group. By working closely with various business units, CIT ensures that technological advancements and digital transformations are seamlessly integrated into business processes.

Own and continuous enhance the Information Security Incident Response and Management process, ensuring alignment with regulatory and business requirements.

Define, document, and improve incident response policies, workflows, and playbooks to standardize and strengthen response activities.

Provide strategic guidance and operational support to the Cybersecurity Incident Response Team, ensuring adherence to best practices.

Govern and optimize the use of the ServiceNow Security Incident Response (SIR) module, the definition of process standards and tool customization.

Collaborate with internal stakeholders (e.g. data privacy, business units, technical teams) and external partners to ensure seamless process integration and operational efficiency.

Enhance automation and reporting capabilities within ServiceNow SIR to drive faster response times and streamlined workflows.

Design and lead tabletop exercises to test and refine incident strategies response and readiness across the organization.

Develop training programs and awareness initiatives to elevate the organization's incident response maturity and preparedness.

As the Process Owner for Information Security Incident Management (ISIM) at ZEISS, you will be responsible for the governance, coordination, and continuous improvement of ZEISS' security incident response and management process. Your role is to ensure that the process framework aligns with industry best practices, regulatory requirements, and organizational objectives. You will work closely with the Cybersecurity Incident Response Team, Corporate IT colleagues, and senior management to maintain an efficient, well-documented, and effective incident response strategy.

Degree in Computer Science, IT Security, Business Process Management, or a related work experience.

At least 5 years of experience in cybersecurity, IT service management, or security operations, with a focus on process ownership and governance.

In-depth knowledge of incident response frameworks, security, and process management and thus experience in designing, implementing, and optimizing security incident management processes.

Strong understanding of risk management, industry security standards, and compliance requirements (e.g., NIS2).

Ability to analyze complex security incidents and drive strategic process improvements

Excellent communication and stakeholder management skills, with the ability to work across technical and business teams.

Structured and analytical mindset with a strong focus on continuous improvement

Fluent in both German and English Preferred Industry.

JOBV1_EN