Information Security & Compliance Lead (m/w/d)

• Maintain and continuously improve the ISO 27001 Information Security Management System (ISMS).
• Collaborate with control owners to ensure timely and effective implementation of technical and organizational controls.
• Lead and conduct internal audits, coordinate external audits, and manage audit findings to closure.
• Drive and maintain a risk management process, including risk identification, assessment, treatment, and reporting.
• Own and update security policies, procedures, and awareness programs across the organization.
• Conduct vendor and third-party security assessments (including DPAs and security questionnaires).
• Prepare and deliver risk and compliance reports for the Head of IT and the Board of Directors.
• Monitor changes in relevant laws and regulations (e.g., GDPR, NIS2) and adjust practices accordingly.
• Support incident response planning and exercises in cooperation with technical teams.
• Collaborate with IT, Legal, HR, and other functions to ensure alignment on compliance requirements and initiatives.

• Proven experience (3+ years) in Information Security, Risk, or Compliance roles.
• In-depth knowledge of ISO 27001 standards and certification process.
• Experience conducting internal audits and managing external audits.
• Familiarity with frameworks such as NIST, CIS, ITIL, or COBIT.
• Strong understanding of risk management principles, data protection (e.g., GDPR), and regulatory compliance.
• Excellent communication skills with ability to present to senior management and non-technical stakeholders.
• Ability to work independently, influence others, and drive cross-functional initiatives.
• Experience with GRC tools, vendor assessment platforms, or audit management tools is a plus.

• A diverse working environment in which you can contribute your own ideas and potential in the long term.
• Intensive induction and development opportunities for your professional and personal development in our in-house training center, as well as support from a mentor.
• Flat hierarchies and an open corporate culture that values teamwork and fun at work.
• Flexible trust-based working hours with mobile office options and an attractive salary package including standard benefits (MultiSport, LuxMed, Life Insurance, etc.)
• If you're in the office, we enrich everyday working life with coffee, drinks, company parties and team events.

Asseco Solutions AG