Principal IT Security Manager (w/m/d)

About the DOUGLAS Group With its DOUGLAS, NOCIBÉ, parfumdreams and Niche Beauty brands, DOUGLAS Group is the leading omnichannel provider for premium beauty in Europe. DOUGLAS Group inspires its customers to live their own kind of beauty by offering a unique assortment online and in around 1,900 shops. DOUGLAS Group is the partner of choice for brands and offers a selected range of exclusive brands as well as its own company brands. The range includes fragrances, make-up, skin care, hair care, accessories and beauty services. Strengthening the successful omnichannel positioning and the consistent further development of the customer experience are the focus of the company strategy “Let it Bloom – DOUGLAS 2026′′. The successful business model is based on the Omnichannel offer, the leading brands and the data competence of DOUGLAS Group. In the 2023/24 financial year, DOUGLAS Group generated sales of EUR 4.45 billion and employed around 19,200 employees throughout Europe. The DOUGLAS Group was awarded by Forbes 2025 as the world's leading employer for women in the field of retail and wholesale. DOUGLAS Group (Douglas AG) is listed on the Frankfurt Stock Exchange. For further information please visit the DOUGLAS Group website.

Development of an information security strategy based on the operational and organisational objectives of DOUGLAS Responsibility for the implementation of central security initiatives and the promotion of a proactive security culture throughout the company Control and optimisation of technical security measures to secure data, applications and infrastructures Close cooperation with the fields of IT security, product management and other specialist departments to ensure safe development and operational processes Regular implementation of risk analyses, vulnerability assessments and security exercises for early identification and mitigation of potential threats Ensuring compliance with regulatory requirements such as GDPR and relevant ISO standards Establishment and continuous development of security policies, standards and processes within the DOUGLAS Group Advising management in strategic decisions on information security and cyber security

We pursue a competency-based and fair recruiting approach, so we look beyond your previous experience and want to understand how you do something, use change as a chance and work successfully in the team. In addition to these skills, we are particularly interested in the following skills: Successfully completed studies of (economic) informatics or a comparable discipline Multiannual experience in information security, ideally focusing on strategic security projects Knowledge of regulatory frameworks such as GDPR, EU AI Act, EU Data Act and NIS 2 Experience in handling ISO standards, in particular ISO 22301, ISO 9000, ISO 31000 and ISO 20000 Practical experience in incident management, carrying out risk analyses and developing awareness programs Certifications such as CISSP, CISM or comparable evidence are a plus Communication strength in German and English – in writing and oral

Your personal development: We want you to grow with us. Be part of our mentoring program, use our e-learning platforms and benefit from many other individual development offerings. 30 days holiday per year You like a hybrid working model? We offer you a balance between mobile work and office days in a collaborative environment (on average 8 days/month). Super Sale: Our employee discount for the online shop and stores is the cream bottle. Not enough? Additional discounts are available thanks to our corporate benefits. You like fitness? Great! Then our gym card is just right for you. Canteen & bistro and free drinks A positive and motivating environment & the celebration of successes at regular corporate events such as the DOClub, the summer party, the women's day and more. .