Information Security Manager (m/w/d)

Taylor Wessing is a leading business law firm that advises national and multinational companies worldwide in all legal matters. We stand for excellent legal advice, profound, wide and yet to the point. With our guiding concept “Challenge expectation, together” we commit ourselves to questioning the expectable and thinking beyond the nearby. This is how we find the best solutions: together with our clients.

This claim makes us particularly strong in areas where the milestones of digitalization are set: Technology, Life Sciences & Healthcare and Energy & Infrastructure. Today we are shaping the business development of our clients with the potentials of tomorrow's technologies. Strategic responsibility for information security: development and implementation of the company-wide security strategy in cooperation with the CISO, including guidelines, standards and governance structures.

Building and further development of the ISMS: Introduction and maintenance of a powerful information security management system as well as performing internal audits and continuous optimization of security-relevant processes.

Risk Management & Vulnerability Analysis: Identification, Assessment and Management of Risks, Vulnerabilities and Threats, including Coordination of Penetration Tests and Discharge of Remedial Measures.

Management of security incidents: Responsibility for the entire process of incident management, as well as active participation in response and clarification of security incidents.

Monitoring, reporting & communication: monitoring compliance with safety guidelines, industry standards (e.g. ISO, NIST, CIS) and legal regulations as well as compiling meaningful reports, KPIs and decision templates for the management and understandable communication of safety-relevant topics to technical and non-technical stakeholders.

Training & Awareness: Development and implementation of information security training to raise awareness among all cyber security and protection workers.

Collaboration & Leadership: Technical leadership of the Information Security Team, close coordination with internal departments, international partner organisations, and participation in the evaluation of suppliers as part of the security risk management.

Expertise and certifications: Multiannual professional experience in the above-mentioned field as well as sound knowledge and certification Certifications such as ISO 27001 Lead Implementer, CISM, CISSP or comparable.

Good technical knowledge of safety principles and practices.

Pragmatic and self-responsibility: ability to prioritize, pragmatic thinking and safe action even in challenging situations.

Team orientation and interdisciplinary cooperation: No single fighter mentality, but active interaction of topics, resources and teams, as well as early organisation of support and exchange.

Leadership and communication strength: flexible and binding communication in German and English as well as active participation in personal and professional further qualification.

Germany Ticket Corporate Benefits Fitness facilities LinkedIn Learning Flexible working hours *This is a selection of our benefits; These vary in nature and extent depending on the employment relationship.