About NVISO\n\nNVISO's mission is to protect European society from potentially devastating cyber attacks by offering cyber security services to private and governmental organizations. We help clients prepare for, prevent, detect, and respond to cyber security incidents.\n\nOur core values are: We are Proud, We Break Barriers, We Care, and No BS!\n\n## Information Security Manager (m/w/d) - Germany\n\nAs an Information Security Manager at NVISO, you will lead a team of CISOaaS or GRC consultants, contribute to client projects, and participate in pre-sales activities for strategic clients. Your role is crucial in enhancing our clients' cybersecurity posture by developing and executing security strategies and programs.\n\n### Key Responsibilities:\n\n* Lead and manage a team of CISOaaS/GRC consultants.\n* Collaborate with clients to understand their business objectives, risks, and security needs.\n* Assess client security maturity using standards like ISO, BSI, or NIST to identify improvement areas.\n* Develop and implement tailored security programs aligned with industry standards.\n* Drive security program implementation, acting as a security champion.\n* Conduct risk assessments, identify vulnerabilities, and recommend mitigation strategies.\n* Oversee the implementation of security policies, procedures, and controls.\n* Provide regular updates to management on the company's security status.\n* Lead steering committees with stakeholders to guide and adapt security programs.\n* Actively participate in the sales process by creating Statements of Work, project plans, and requirements definitions.\n* Perform technical account management for strategic clients.\n\n### Requirements:\n\n* Eligible for NATO Clearance.\n* Bachelor's degree in Business Administration, Information Security, or a related field.\n* Professional certifications such as CISA, CISSP, CISM, ISO27001 Implementer/Auditor, or equivalent are strongly preferred.\n* Proven experience as a CISO and/or successfully implementing ISO27k or BSI Grundschutz (including risk assessment, security roadmap creation, CISOaaS, and policy development).\n* In-depth knowledge of industry standards and frameworks (ISO 27001, DORA, NIST, NIS-2, GDPR, etc.).\n* Familiarity with risk management methodologies in cybersecurity.\n* Ability to quickly grasp complex business contexts and adapt communication and security programs accordingly.\n* Excellent English and German communication skills (written and verbal).\n* Strong leadership skills.\n\n### Benefits:\n\n* Highly competitive remuneration package.\n* Training budget of 10,000 EUR and 10 days of paid time off (rollover for two years).\n* Opportunities to learn from top European cybersecurity experts and attend prestigious continuing education programs.\n* A forward-thinking and agile company culture that supports new initiatives.\n* Unique team events (e.g., Lisbon, Dubai, Malta, Lapland).\n* Sophisticated coaching concept from day one.\n* Base salary range: 90,000 EUR - 130,000 EUR p.a.\n* 30 days of vacation.\n* Flexible working hours and home office options (Working Abroad Option within the EU).\n* Subsidized Deutschlandticket and BahnCard50.\n* Company bike leasing.\n* Company pension scheme.\n* Modern office spaces in Frankfurt and Munich with amenities like a roof terrace, table tennis, Playstation, and BBQ facilities.\n\n### Disclaimer on AI Use in Applications:\n\nAI tools may be used to a limited extent for supportive purposes (e.g., spell-checking, wording improvement). Application documents must authentically reflect your qualifications, personality, and motivation. Fully AI-generated documents without personal review are not permitted. Do not upload NVISO information, data, or documents to external AI tools. Applications primarily created by AI may be excluded from the selection process.\n\n### Additional Information:\n\n* Salary: 90,000 - 130,000 EUR p.a.\n* Remote Model: Hybrid\n* Country: Germany\n* Paid Holidays, Team Events