Senior Manager Information Security

Senior Manager Information Security - Second Line of Defence Location: Frankfurt / Hybrid Our client is seeking a Senior Manager Information Security to support security governance, risk oversight and regulatory compliance activities within a highly regulated environment. This role sits within the Second Line of Defence and focuses on strengthening information security frameworks, controls and oversight processes across the organisation. Key Responsibilities: Support and oversee information security governance and risk management activities. Provide independent oversight and challenge of security controls and risk practices. Maintain and enhance security policies, standards and governance frameworks. Support risk assessments, control reviews and remediation activities. Collaborate with technology, risk, audit and compliance stakeholders. Monitor regulatory developments, emerging threats and security-related risks. Prepare reporting and presentations for senior stakeholders and governance committees. Contribute to operational resilience and third-party security oversight initiatives. Your Profile: Extensive experience within information security, cyber risk or technology risk environments. Strong background in security governance, risk oversight or Second Line of Defence functions. Understanding of regulatory frameworks and security standards within regulated environments. Knowledge of information security controls, operational resilience and cloud security governance. Strong stakeholder management and communication skills. Relevant certifications such as CISSP, CISM or CRISC would be advantageous. Fluent German and English language skills. What’s on Offer? Senior-level role within a complex and regulated environment. Exposure to security governance and risk management initiatives. Flexible hybrid working model. Long-term development and progression opportunities.

Information Security Expert Location: Stuttgart Our client is seeking an Information Security Expert to support the development and governance of information security frameworks within a regulated international environment. This role focuses on ISMS governance, regulatory compliance and information security risk management across complex business operations. Key Responsibilities: Support the development and implementation of the company’s information and cyber security strategy. Maintain and further develop the ISMS in line with ISO 27001 and recognised security frameworks. Define and implement information security policies, standards and procedures. Advise stakeholders on information security, governance and regulatory requirements. Support risk management, business continuity and audit-related activities. Conduct risk assessments, security reviews and compliance monitoring. Coordinate with internal teams including compliance, risk, data protection and BCM functions. Support supplier and third-party security audits and assessments. Assist business units and sales teams on customer-related security requirements. Monitor regulatory developments including NIS2, KRITIS and related standards. Your Profile: Degree in Information Security, IT or a related field. Several years of experience within information security governance or ISMS environments. Strong knowledge of ISO 27001, NIST CSF, ISO 31000, ISO 22301 or similar frameworks. Understanding of regulatory requirements such as NIS2, KRITIS and IT security standards. Experience with risk management, audits and compliance activities. Relevant certifications such as CISSP, CISM or ISO 27001 would be advantageous. Strong analytical and stakeholder management skills. Fluent German and English language skills. What’s on Offer? Broad and strategic information security role. Exposure to international and regulated environments. Collaborative and modern working culture. Flexible working arrangements and employee benefits. Long-term development and career opportunities.

Managing Director ICT Third Party Risk Location: Frankfurt A role that inspires you Join a complex, internationally active organisation as Managing Director ICT Third Party Risk, taking strategic responsibility for the management and oversight of ICT and technology-related third-party risks. In this senior role, you will work closely with executive stakeholders to strengthen operational resilience, regulatory compliance, and risk governance across critical external service providers. Key Responsibilities: Hold overall responsibility for ICT third-party risk management at group level. Define and implement the ICT third-party risk framework, policies, and governance standards. Oversee risk assessments, due diligence, and ongoing monitoring of critical technology vendors. Ensure compliance with regulatory requirements and supervisory expectations (e.g. DORA, outsourcing guidelines). Advise executive management on third-party risk exposure and mitigation strategies. Coordinate cross-functional teams across risk, IT, security, procurement, and legal. Oversee incident management, escalation, and remediation related to ICT service providers. Drive continuous improvement of third-party risk processes and controls. Your Profile: Degree in IT, risk management, business administration, or a related discipline. Extensive experience in ICT third-party risk, outsourcing, operational resilience, or technology risk. Strong understanding of regulatory frameworks and supervisory expectations. Proven experience advising senior management or board-level stakeholders. Strategic mindset combined with a pragmatic, hands-on approach. Excellent communication and stakeholder management skills. Fluent English skills; German is an advantage. What’s on Offer? A senior leadership role with high visibility and strategic impact. Opportunity to shape group-wide ICT third-party risk governance. Close collaboration with executive management and international stakeholders. Long-term career perspective within a stable, regulated environment.

OT Penetration Tester  Location: Nordrhein-Westfalen (NRW)  Our client is seeking an OT Penetration Tester to support the security of operational technology and industrial control system environments. This role offers hands-on exposure to OT security testing, industrial networks and cyber resilience initiatives within critical operational environments. Key Responsibilities: Conduct penetration testing and security assessments across OT, ICS and SCADA environments. Assess industrial networks, segmentation controls and OT/IT convergence zones. Identify vulnerabilities and deliver risk-focused security reporting. Support remediation planning with engineering and operational stakeholders. Contribute to threat modelling, red team exercises and security simulations. Advise on OT security and compliance frameworks including IEC 62443, NIS2 and KRITIS requirements. Support the development of internal methodologies, tooling and testing processes. Your Profile: Experience within OT/ICS penetration testing or industrial cyber security environments. Strong understanding of industrial protocols and OT network architectures. Familiarity with OT security tools and vulnerability assessment methodologies. Knowledge of OT-related compliance and regulatory frameworks. Strong analytical and communication skills. Ability to work independently within complex operational environments. Strong German and English language skills. What’s on Offer? Flexible hybrid working environment. Access to advanced OT and security testing environments. Training and certification support. Opportunity to work on critical infrastructure and industrial security projects. Collaborative and security-focused company culture.