The HARTMANN GROUP is one of the leading European providers of medical and hygiene products with core expertise being in wound treatment, incontinence care and infection prevention. Its range also includes products for compression therapy and First Aid in addition to care products and cosmetics. Furthermore, HARTMANN offers innovative system solutions for professional target groups in the medical and healthcare sector. The Company, which has its headquarters in Heidenheim/Germany and which has Europe as its focal market, is organised with its own country companies close to the market across the world. In 2017, the 10,764 employees of the HARTMANN GROUP generated sales of EUR 2.06 billion.

Your area of responsibility:

  • Implementation and further development of the information security strategy of HARTMANN Group
  • Operation and optimization of the Information Security Management System (ISMS) of HARTMANN Group
  • Maintenance of the IT security framework, incl. information security policies and related documents
  • Leadership of the global information security program within HARTMANN Group
  • Performance of IT risk analyses, IT security assessments and protection requirements analyses
  • Approval of IT security concepts for IT systems and applications
  • Leadership in case of information security incidents or IT emergency situations, e.g. cyber attacks
  • Creation of information security reports up to senior management level
  • Implementation of a security monitoring and reporting platform (information security benchmarking)
  • Planning and performing of awareness measures to raise the overall security level
  • Consulting of all departments and companies in cases of information security related topics and issues
  • Project management of security projects and support of business projects with security knowledge
  • Interface to other group functions like e.g. data protection management, risk reduction management, internal audit, etc.

What we look for:

  • University degree in IT or equivalent
  • Fluent communication skills in English and German with the ability to negotiate and delivery senior management presentations
  • Profound knowledge of implementation and operation of Information Security Management Systems (ISMS)
  • Several years of experience in information security and IT security, e.g. application security, web security, email security, etc.
  • Knowledge of security frameworks like e.g. ISO 27001, NIST Cybersecurity Framework, COBIT 5 etc.
  • Knowledge of risk management frameworks like e.g. ISO 31000, ISO 27005, etc.
  • Knowledge in IT Compliance (e.g. data protection), IT Audit and Business Continuity (e.g. ISO 22301) will be an advantage
  • Security relevant certifications like e.g. Lead Auditor ISO 27001, CISA, CISM, CISSP, CSP, etc.
  • Ability to explain complex topics in simple, non-technical words to raise user awareness
  • Ability to work under pressure and think clearly in challenging situations, e.g. in case of security incidents
  • Strong analytic skills to perform security, IT risk and root-cause analyses

Your contact

Ms Friederike Stracke

PAUL HARTMANN AG, Human Resources Management

P.O. Box 1420, 89504 Heidenheim, Germany

www.hartmann.info

If you wish to join our company, we will appreciate to receive your informative application with cover letter, curriculum vitae and copies of certificates.