Information Security Governance Consultant

Work type
Hybrid
Place of work
Sofia

Published on:

9 April 2026

At DIGITALL we don't just deliver technology, we deliver the future! We are explorers, knowledge-hunters, tech geeks, problem solvers and game changers who want to inspire and be inspired. Our DIGITALL people are always one step forward: working with top-notch technologies, creating innovations ahead of the market trends, sharing the passion for discovering better ways. As a human-centric organization, our teams are built on mutual respect and open communication, allowing everyone to be authentic, express ideas and unleash their potential. We are proud of our DIGITALL bright minds and never stop developing their skills to keep pushing boundaries together and do what we love.

DIGITALL operates globally with a team of 1000 experts in 16 locations across 8 countries.

This is your job:

  • Governance: Be able to develop and maintain information security policies and procedures as the core of an ISMS
  • Risk Management: Be able to coordinate gap analysis, information security assessments and risk assessments and derive actionable measures
  • Compliance: Advise on best practices, standards and frameworks depending on the industry and client needs; be up to date with the local and international legislative landscape in terms of new or updated information security/cyber security laws and regulations and be able to respond to queries about compliance with these
  • Awareness: Be able to design an information security awareness program including but not limited to phishing and training campaigns, situational awareness, physical security, etc.
  • Coordinate the documentation of results from cyber security posture assessments and vulnerability assessments
  • Monitor and validate the implementation of the required security measures and technologies in the relevant projects/clients.
  • Recommend tools/technologies and processes that would improve cyber security effectiveness and efficiency; be able to define GRC KPIs or, if already in place, report on them
  • Support security strategies tailored to customers' business requirements and their timely implementation
  • Flexible work (remote, hybrid), which might include business trips, depending on the projects

Your qualifications:

  • Relevant experience in the fields of information security, cyber security, IT/OT
  • Very good working knowledge of security practices and frameworks such as ISO27001 (and the series related to privacy and cloud), NIST SP-800 series, COBIT, ITIL, risk management
  • Good understanding of IT infrastructure and applications landscape
  • Certifications of benefit: ISO27001 Lead Auditor or Implementor, CISSP, CCSP, CISM, CISA
  • Very good (verbal and written) English. German language skills will be appreciated, but are not mandatory
  • Very good communication and organizational skills
  • Ability to express ideas clearly, concisely, logically, and persuasively both verbally and in writing
  • Problem-solving and teamwork skills
  • Adaptability to international environments and cultures

Organizational information:

  • All applications will be treated in strict confidentiality
  • Please note that only shortlisted candidates will be invited to an interview
Professional field
Security and Protection
Languages
English
Working hours
Full-time
Annual leave
25 days paid annual leave
Remuneration and bonuses
Referral bonus
Health and insurance
Additional health insurance incl. dental care
Development and training
Career growth & Stability, Internal training, Language courses
Sport and wellness
Coolfit card, MultiSport card & Sport events
Relocation and transport
Parking opportunities
Family and social support
Company events & Fun
Working environment
Balance between home and office work, Culture that encourages creativity & talent, Modern office with gaming and relax zones, Open-minded management team promoting innovation, and personal and professional development, Supportive workplace culture