ISMS & Information Security Officer (m/f/d)

Next | Full time | Unlimited

We are Tradition & Innovation: The LeineNetz is a modern network and energy service provider based in Neustadt am Rübenberge in the Hanover region with around 150 employees:inside a subsidiary of the Ideas Stadtwerke Neustadt. We operate the electricity, gas, water, heat and lighting networks in the region and stand for the expansion of charging infrastructure and fiber networks as well as for the largest climate-neutral residential quarter in Lower Saxony by “cold near heat”. Both innovation and climate-friendly concepts are at the forefront of the LeineNetz and we are constantly looking for new and challenging topics as well as business areas. We have been working successfully in the energy business for more than 100 years and provide around 100,000 customers in the region. You have a strong analytical thinking, work structured and bring a well-founded, ideally long-term understanding of information security – preferably in the KRITIS environment? Then become part of our team and take over a responsible key role in securing our energy supply. As an ISMS & Information Security Officer:r (m/w/d), you will significantly shape the construction, development and safe, proactive operation of our safety-critical systems – thereby making a decisive contribution to a resilient, reliable and sustainable energy infrastructure.

ISMS control & further development: building, operation and continuous improvement of ISMS according to ISO/IEC 27001/27019, ensuring information security in energy supply and network operation, and controlling risk management including risk analysis, action tracking and strategic advice. Regulatorics, Audits & Reporting Obligations: Analysis and Implementation of Legal Requirements (NIS2, EnWG, BSIG), Coordination of Internal and External Audits including Detection Procedures, Interface Function to Authorities and Audit Institutions and Management of Reportable Events according to § 32 BSIG. Business Continuity & Crisis Management: Building and further developing the BCMS according to ISO 22301, carrying out BIAs, maintaining and testing emergency and restart plans as well as planning and implementing crisis exercises. Audit, Risk & Security Management: Monitoring, Assessment and Treatment of Security Precipitations, Risk Analysis of Critical Systems, Action Tracking, and Implementation of Business Training and Awareness Programs. Documentation & IT/OT Security Architecture: Maintaining ISMS/BCMS documentation, developing security policies, close cooperation with IT and OT to secure network and control systems, and supporting the secure further development of the IT/OT architecture.

Complete studies in the STEM field or a comparable subject or vocational training in an IT profession with comparable qualifications and professional experience in the field of IT security Multiannual professional experience in IT business fields or information security, ideally in the KRITIS environment Ideally certification as information security specialist, ISO 27001 Lead Auditor/Lead Implementer Knowledge and experience with legal and regulatory requirements (e.g. NIS2, EnWG, BSI-KritisV, GDPR, ISO/IEC 27001, ISO 27019, ISO 22301) Practical experience in auditing, risk management, security processes and regular reporting and cooperation with internal and external IT service partners Structured and analytical methods combined with clear, convincing communication and the ability to understand complex technical issues; strong consulting, communication and conflict competence. German knowledge (min. C1 level) and English knowledge in word and writing

Attractive contract package Unlimited employment contract based on the collective agreement for utilities (TV-V) Remuneration according to TV-V incl. 13. salary and additional special payment/premium according to the operating agreement Social benefits such as occupational pensions, wage conversion and benefits 39-hour week with flexible working hours and home office options 30 days holiday (of 24. & 31.12. are additionally free) and the compensation of additional work by sliding days

Health checkup Medical care for prevention programs or health topics Promotion of ergonomics at work and grants for screen work glasses

Site upgrade Good connection to public transport (the railway station is reachable in 2 minutes walk), but also Free parking on the premises and in the immediate vicinity Charging options for electric or hybrid vehicles Modern office building and IT equipment JobRad Other employee and corporate fitness