Job Description
For what you should inspire:
They perform business impact analyzes of business processes . In close cooperation with the respective departments, they analyze the existing IT architectures and evaluate the threat situation
Based on your analyzes, you create security concepts for applications, software and system landscapes
They accompany the corresponding supra-regional implementation projects end-to-end. From the creation of the load statement to the release of the applications or system landscapes
They are responsible for the definition, application and interpretation of safety tests for the approval of applications, software and system landscapes
Your internal customers will advise you on all IT security issues related to development environments and processes . In particular, you are assisting in conducting source reviews
You define key figures for information security and check them regularly
You will be our expert for information security and the first contact for employees, executives and your IT colleagues
They manage projects to improve the security of IT / OT applications or IT / OT system landscapes; Especially to improve the lifecycle for the development of secure software
your profile
Tasks will drive you forward with commitment, passion and proactivity. They also keep an overview even in complex situations. They always consider and evaluate a situation at different angles and are able to recognize new relationships. Even under difficult circumstances, you can make decisions responsibly. When working with your team and internal partners, your communication strength helps you to cooperate profitably.
They fit perfectly with:
A successfully completed degree in computer science or business engineering
Long-term, specific, professional experience in IT and in information security, in particular:
As project manager
Participation in penetration testing and vulnerability scanning activities as well as threat modeling (Threat Modeling)
Software development. You have learned at least three of the following programming languages: C / C ++, .NET, Java, JavaScript, Python
Hardware programming in C / C ++ for microcontrollers, smartcards and SoC
Experience in design and safety analyzes of complex software systems and system landscapes . You could acquire knowledge in at least 4 of the following areas:
Communication protocols (eg TCP / IP, UDP, DHCP, DNS, SNMP, OSPF)
System landscapes in IT and OT (ICS, SCADA) environment
Virtualization
Operating Systems (Windows, Unix)
Cryptography (PKI, SSO, 2FA)
Web technologies / Web services (SOAP, REST etc.)
Security Development Lifecycle (SDL): Source Code Reviews, Build Processes, Continuous Testing
Security infrastructures (eg IDS / IPS, firewalls, VPN, IAM and multi-tier architectures)
Experience in information security management and IT risk management as well as the current frameworks and guidelines (such as ISO27001, Cobit or MaRISK)
A conscientious and independent work. In new subjects, you will work quickly and in a structured way
And a distinctive Softskill set , also at intercultural level.
Fluent in German and English in spoken and written English