Principal Information Security Manager
Job description
- Shaping a comprehensive information security strategy aligned with DOUGLAS' operational and organizational goals
- Leading key security initiatives and fostering a proactive security culture throughout the company
- Managing and continuously improving technical safeguards to protect data, applications, and infrastructure
- Collaborating closely with IT security, product management, and other departments to ensure secure development and operations
- Performing regular risk assessments, vulnerability analyses, and security drills to detect and mitigate potential threats early
- Ensuring compliance with regulatory requirements such as GDPR and relevant ISO standards
- Establishing and further developing security policies, standards, and processes across the DOUGLAS Group
- Advising senior leadership on strategic decisions related to information and cyber security
Requirements
We take a competency-based and fair approach to recruiting. That's why we look beyond your experience to understand how you create impact, grow through change, and collaborate for success.
Alongside these competencies, we're looking for the following skills:
- A university degree in (business) informatics or a comparable field of study
- Several years of experience in information security, ideally with a focus on strategic security projects
- Strong knowledge of regulatory frameworks such as GDPR, EU AI Act, EU Data Act, and NIS 2
- Hands-on experience with ISO standards including ISO 22301, ISO 9000, ISO 31000, and ISO 20000
- Practical know-how in incident management, risk assessments, and the development of security awareness programs
- Certifications such as CISSP, CISM, or equivalent are a plus
- Strong communication skills in both English and German - written and spoken
Benefits & conditions
https://behindbeauty.douglas.de/
- Your personal development: we want you to grow with us. Become part of our mentoring program, use our e-learning platforms and benefit from many other individual development opportunities.
- Open feedback culture: half-yearly meetings & performance reviews (#DOUGLASDialogue)
- 30 days of vacation per year
- Would you like a hybrid working model? We offer a balance between mobile working and office days in a collaborative environment. (approx. 8 days/month)
- Cherry on top: You get our employee discount both online and in-store. On top of that, you get further discount opportunities thanks to our corporate benefits.
- In-house canteen & bistro, as well as free drinks
- A positive and motivating environment & celebrating successes at regular company events such as DOClub, summer party, Women's Day, etc.