🚀 Information Security (Senior) Manager (m/w/d)

Overview

NVISO is seeking an Information Security Manager (m/w/d) located in Germany to lead our CISOaaS/GRC consultants and contribute to client projects as well as pre-sales activities for strategic clients. The role aims to enhance clients’ cybersecurity posture by creating and driving security strategies and programs throughout their organizations.

Key responsibilities and requirements are detailed below.

Responsibilities

• Leading and managing a team of CISOaaS/GRC consultants to deliver high-quality services to clients
• Collaborating with clients to understand their business objectives, risks, and security requirements
• Assessing clients’ security maturity (using ISO, BSI or NIST standards) to identify gaps and improvement areas
• Developing and implementing a fit-for-purpose security program aligned with industry standards
• Driving the security program at clients, acting as the security champion and promoting security awareness
• Conducting risk assessments, identifying vulnerabilities, and recommending risk mitigation strategies
• Overseeing and supporting the implementation of the security program, including policies, procedures, and controls
• Providing updates to management on the state of security at their company
• Holding steering committees with relevant stakeholders to guide and adapt the security program when needed
• Actively contributing to the sales process by creating and presenting Statements of Work, project plans, and requirements definitions for projects in your team
• Performing technical account management duties for specific top-tier, strategic clients

Requirements

• You are eligible for NATO Clearance.
• Bachelor’s degree in Business Administration, Information Security, or a related field
• Professional certifications such as CISA, CISSP, CISM, ISO27001 Implementer/Auditor or equivalent are strongly preferred
• Proven experience as a CISO and/or implementing ISO27001/BSI Grundschutz at clients (risk assessment, security roadmap, CISOaaS, policy development)
• In-depth knowledge of standards and frameworks such as ISO 27001, DORA, NIST, NIS-2, GDPR
• Familiarity with risk management methodologies applied to cybersecurity
• Ability to understand business needs and adapt security programs accordingly for clients
• Excellent English and German written and verbal communication skills
• Leadership skills to manage a team and collaborate with clients and cross-functional teams

Benefits

At NVISO, we offer a competitive remuneration package with financial and non-financial components:

• Training budget of 10,000 EUR plus 10 days paid time off rolling over two years
• Opportunity to learn from leading security professionals; participation in continuing education opportunities (e.g., SANS, CISSP, OSCP)
• Forward-thinking and agile work environment supporting new initiatives
• Team events across locations (e.g., Lisbon, Dubai, Malta, Lapland)
• Coaching concept starting on day 1
• Base salary range: 90,000 EUR p.a. – 115,000 EUR p.a. (depends on experience)
• 30 days of vacation
• Flexible working hours and home office options (+ EU-wide working abroad)
• Cost absorption for Deutschlandticket and BahnCard50
• Company bike leasing and pension scheme
• Modern office locations in Frankfurt and Munich with amenities

Location: Frankfurt am Main, Hesse, Germany