Senior Information Security Specialist (m/w/d) - #2172974

It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents.

All of this is built on four fundamental values that define who we are: We are Proud, We Break Barriers, We Care and No BS!

• Assisting or leading client’s IT or security teams with the implementation of strategic security programs and projects. You solve together with other NVISO experts customers challenges or work in full integration with the client organization;


• Refining security governance, policies, processes and guidelines in all areas of the cyber security field;


• Implementing or refining our client’s Security Strategy by developing Enterprise and IT governance structures through policies, standards, processes and operational structures;


• Defining Information Security Architectures, mapping business functions into the cyber security and IT environment;


• Defining action plans in concertation with internal and external stakeholders;


• Assisting in reaching or maintaining compliance to information security legal, contractual, or internal requirements;


• Defining a Security Strategy, supported by a corporate risk and threat assessment in collaboration with key stakeholders in the organization;


• Reporting to the senior management of the client;


• We work both for very large and small organizations that all have one goal in common: making significant progress in their protection against current and emerging cyber threats.

• A minimum of 5+ years of experience in managing GRC and/or CISO-related projects;


• Bachelor or a Master’s degree, your education is not required to be in IT or technology, however you should have some affinity with technology;


• Certifications in the field of ISO 27001 (either as certified ISM or Auditor), CISSP or GSEC certifications are beneficial;


• Practical experience with cyber security controls frameworks like ISO27002, NIST CSF, BSI or CIS Controls are mandatory;


• Experiences in mapping NIS2 and/or DORA requirements to practical implementations in enterprises and banks are beneficial;


• Used to operating with a great deal of autonomy, but also appreciate the value of team work;


• A “people person”: a good communicator and concerned about your co-workers;


• Proven project management skills;


• Results-oriented and able to deliver within preset deadlines. You value quality and client satisfaction above all, and appreciate the value of outstanding deliverables;


• Excellent German and English communication skills, both verbal and written;


• You are eligible for NATO CLEARANCE (see HERE for more information).

At NVISO, we care. We are committed to offering you a highly competitive remuneration package including financial and non-financial components:

• A training budget of 10,000 EUR plus 10 days paid time off rolling over two years


• Working with and learning from the best people in the European cyber security “scene”. We have several SANS Instructors working for us and we are also represented at popular hacking conferences (BlackHat, BruCON, OWASP, etc.). In addition, our employees can take advantage of prestigious continuing education opportunities (GSE, GXPN, CISSP, OSCP, etc.)


• A forward-thinking and agile company that supports you in the creation and implementation of new initiatives


• Unique team events (most recently e.g. Lisbon, Dubai, Malta)


• A sophisticated coaching concept starting on day 1


• 30 days of vacation


• Flexible working hours and home office options (Working Abroad Option)


• Cost absorption for the local transport ticket and the BahnCard50


• Company bike leasing


• A cool office in the heart of Frankfurt / Munich/ Vienna (roof terrace with grill, foosball, Playstation 4)

Sounds interesting? Then apply now!