Zusammenfassung:
The business of public transportation is complex and full of exciting challenges. We make it our business to deliver the best in technology, systems and services to our customers. Our systems enable higher punctuality even during rush hour, shorter travel times and more precise connections for more relaxed travel, as well as dynamic passenger information in real time.
Our solutions advance public transport and thus make an important contribution to climate-friendly mobility – our future!
The Information Security Manager will be responsible for overseeing and managing the company’s information security program. This role involves ensuring continued compliance with ISO 27001 standards, protecting company data, and mitigating risks associated with information security threats.
The ideal candidate will possess a deep understanding of information security practices, strong leadership skills, and a proactive approach to maintaining our ISO 27001 certification. Understand the regulatory requirements for Trapeze as a solution provider in the Transportation industry like Kritis, BSI.
Your tasks:
ISO 27001 Compliance: Ensure ongoing ISO 27001 compliance by managing necessary controls, leading internal and external audits, and continuously developing and updating ISMS documentation.
Information Security Management: Develop, implement, and monitor a comprehensive information security and IT risk management program, working with stakeholders to manage risks, enforce ISO 27001-aligned policies, and ensure disaster recovery plans are tested. Act as the primary point of contact for IT security queries.
Incident Management: Develop and manage incident response plans, oversee security breach investigations, ensure timely communication to stakeholders, and coordinate with departments for effective resolution and post-incident analysis.
Training and Awareness: Develop and deliver security training programs, promote a culture of awareness and compliance, ensure cybersecurity policies are communicated and enforced, and share best practices and risks across the entire organization.
Vendor and Third-Party Management: Evaluate the security posture of third-party vendors and partners and ensure that third-party agreements include appropriate security controls and compliance requirements.
Continuous Improvement: Stay updated on security trends and threats, continuously improve ISMS and security posture, and engage with industry groups to stay informed on emerging issues.
Project Support: Identification and assessment of security risks in projects and operations and 1st level contact for Operations team and customers for IT Security related questions
Your Profile:
Bachelor’s degree in Information Security, Computer Science, or a related field; Master’s degree preferred, or an IT qualification with additional certification in IT security.
Professional certifications in IT with additional further training in information security (e.g. CAS/MAS Information Security, ICT Security Expert, CISSP, CISA, CISM, ISO 27001 Lead Auditor)
3+ years of experience in information security management.
Extensive knowledge of ISO 27001 standards with experience in certification maintenance, familiarity with business continuity frameworks (ISO 22301, ISO 27031, ISO 31000), and understanding of GDPR, NIST, and related regulations.Proven experience in developing and implementing security policies, procedures, and controls.
Strong written and verbal communication skills in English and German to convey technical details to management and IT partners.
Strong understanding of risk management and incident response.
Our Offer:
Maybe we don't have a 3-day week or a 16th salary – we simply keep what we promise
We work daily on the pulse of the time: We create unique solutions for sustainable mobility
We combine the advantages of an international corporation with an agile medium-sized company: International growth opportunities, design freedom, Your value is visible
The rest is a matter of course for us: Attractive salary package, flexible work, further education, YOU count as a person
About Us
Public transport - an exciting industry with a future. Trapeze supplies this interesting market with innovative products and solutions for personnel and vehicle scheduling, operations control technology, passenger information, ticketing as well as depot and fleet management. Our systems enable hundreds of public and private organizations worldwide to increase the efficiency and quality of their operations, expand their services and transport passengers to their destinations faster and more safely. Our state-of-the-art products support scheduled, on-demand and occasional traffic and are used in road and rail vehicles. Trapeze has more than 30 offices in Europe, North America and Asia-Pacific.
Trapeze is an equal opportunity employer, we recruit, hire, train, promote and provide all other privileges of employment to qualified people without regard to age, race, color, creed, national origin, gender, gender identity, gender expression, disability, marital status, citizenship status, ethnicity, familial status, religion, sexual orientation or any other classification for which discrimination is prohibited.
#J-18808-Ljbffr