Information Security Professional (f/m/d)

Are you excited to shape your career within a cutting-edge digital enterprise where information security is paramount? Do you want to enhance the security posture for millions of customers, contributing significantly to global data and information protection? If so, you’ve come to the right place.

As an Information Security Professional in our Security Governance & Assurance team—responsible for the strategic dimensions of information security at Mail & Media—you will be entrusted with the following key responsibilities:

• Design and Optimization of Security-Critical Processes: Develop and continuously improve core processes such as ISMS, risk management (Business Continuity Management), and supply chain management, ensuring alignment with industry best practices, compliance mandates, and organizational needs.
• Execution of Security Audits and Assessments: Conduct comprehensive audits and assessments across internal departments as well as with external partners and suppliers. Prepare tailored reporting of findings and oversee the remediation of identified gaps.
• Enhancement of Security Awareness: Drive ongoing improvement in organizational security awareness through the development and delivery of targeted training sessions and presentations tailored to diverse technical and non-technical audiences.
• Project Leadership to Elevate Security Standards: Lead initiatives and projects aimed at strengthening the company’s overall security posture.
• Preparation and Representation in External Audits: Prepare essential documentation and represent Mail & Media during external security audits, including ISO 27001 certifications and regulatory inspections such as TKG audits.

Do you hold a technical degree or equivalent professional qualification? Do you bring several years of experience with strategic information security topics and the ability to translate business requirements into robust technical security solutions? Are you familiar with modern methodologies like DevSecOps and Policy as Code, and do you enjoy a hands-on approach? If so, we are looking forward to receiving your application!

• Comprehensive Knowledge of Current Legislation and Security Standards: Expertise in NIS-2, GDPR, ISO 27000 series, NIST frameworks, and best practices such as OWASP and ISACA. Your strong theoretical technical foundation combined with a keen business acumen enables you to leverage this knowledge effectively in an agile digital environment.
• Passion for Emerging Technology Trends: You proactively follow technological trends and acquire hands-on experience, integrating insights into your work and sharing knowledge with colleagues. You are conversant with topics such as Cloud, Microservices, AI, and Development Security Operations.
• Collaborative Team Player with Strong Change Management Skills: You lead by example, demonstrate a “bias to action,” and maintain a constructive approach even in challenging situations, fostering a positive team culture. Your empathy and reliability help you build trust and credibility.
• Excellent Communication Skills: You communicate clearly and effectively across all organizational levels, both verbally and in writing, in German and English (C1 proficiency or higher).

🏢 Lived corporate culture : Flat hierarchies, a culture of respect and appreciation, signatories of the Diversity Charter, open communication, and no dress code.

🎓 Wide range of further training : Internal and external training opportunities, LinkedIn Learning, language courses, talent development programs, conferences, and mentoring.

❤️ Active health care: Wellpass, free internal sports and fitness classes, health days, family & care support services, discounts at fitness centers, mental health first responder, fresh fruit, and drinks for free.

🚝 Mobility : Subsidy for job bike leasing and the job ticket.

💻 Flexible working models : Home office options, flexible working hours, and 30 days of vacation with the option for additional unpaid leave.

💰 Financial benefits : Corporate benefits, company pension scheme, capital-forming benefits, occupational disability insurance, and various partner discounts.

🎉 Events : Summer and winter parties, sports tournaments, and team events.