Information Security and Data Protection Auditor (m/f/d)
Job information
Apply by: 14-08-2023
Reference number: JR-0025572
Job function: IT
Position type: Full time
Site: Düsseldorf, Peter-Müller-Straße 12, 40468 Düsseldorf
Your responsibilities and tasks:
The Information Security and Data Protection Auditor uses audits to verify compliance with, and implementation of, GEA Group's requirements for information security in accordance with ISO 27001 and for data protection in accordance with data protection laws (e.g. EU GDPR). In this role, they are free and independent in their professional assessment. Audit reports are to be issued on the audit activities.
- Accountable for internal ISMS audits against ISO 27001, as well as IT system audits, supplier audits and data protection audits
- Planning and preparing information security and data protection audit programmes within their area of responsibility
- Coordinate these audit programs with the audited entities and information security and privacy officers
- Responsible for the preparation of audit plans for the relevant audits
- Ensuring that audit reports are prepared and communicated to the auditees
- Monitoring and reporting of audit findings to the audited areas
- Responsible for compliance with audit intervals
- Person responsible for initiating external supplier audits
- Developing a key performance indicator system for audit performance and its continuous improvement
- Accountable for the development of internal audit standards and quality assurance of audit work
- Carry out special audits due to special circumstances
- Is open to technical audit solutions and encourages the integration of tools in the audit process
- Acts as a point of contact for the BISOs, RISOs and LISOs responsible for the audited area
- Independent as an auditor and free in judgement
- Is a neutral evaluator rather than an advisor
- Functionally reports to the CISO
Your profile and qualifications:
- Bachelor's or Master's degree in Information Technology / Computer Science / Economics, Law or a related technical discipline
- Information Security Certifications (ISMS Lead Implementor, ISMS Lead Auditor, additional in accreditation of a certification body)
- Data Privacy Certifications (e.g. Data Protection Officer, including GDPR: General Data Protection Regulation)
- IT or Security Certifications (e.g. CISSP: Certified Information Systems Security Professional, CISM: Certified Information Security Manager, CISA: Certified Information Systems Auditor, ITIL: Information Technology Infrastructure Library, COBIT: Control Objectives for Information and Related Technology etc.) are beneficial but not a must
- 5+ years of professional experience in the field of information security and data protection
- In-depth know-how in management systems, audits and dealing with audit findings
- Knowledge of security standards such as ISO, PCI, HIPAA and SOX
- In-depth know-how in international data protection law (GDPR) and standards such as ISO 27701
- Experience in multi-vendor management and dealing with multiple suppliers
- Good people skills to communicate and collaborate
- Strong communication skills in English, knowledge of the local language is an advantage
- High level of initiative, analytical skills
- Excellent business acumen, problem solving skills
- Capabilities in financial and budget ownership
Our Values
At GEA we stand for Responsibility, Integrity, Diversity, Passion and Excellence. If you share the same values, feel free to send us your application. We consider all applicants equally and welcome all applications.
What happens once your application is submitted?
You will receive an email when your application has been processed. One of our Talent Acquisition Specialists will review it and verify that the applicant meets the qualification criteria. Once your application has been successfully verified, and depending on the role, you will be invited to a first interview, either virtual or face to face. Usually we make a decision after the second or third interview round.
GEA is an equal opportunity employer. Applicants will therefore receive consideration for employment without regard to age, sex, race, color, religion, world view, national origin, genetics, disability, gender identity, marital status, sexual orientation, veteran status or any other protected characteristic required by applicable law. Applicants with disabilities are welcome and will be given special consideration if they are equally qualified.