Information Security Assurance Expert

Job

  • Level
    Experienced
  • Job field
    IT, Security
  • Employment
    Full-time
  • Contract type
    Permanent employment
  • Location
    Düsseldorf
  • Work model
    Hybrid, Onsite
  • Job summary

    In this position, you assess the effectiveness and maturity of security controls, carry out independent security reviews, and provide clear recommendations for improving the security posture.

    Your role in the team

    • To plan, execute, and support independent information security assurance activities across METRO AG and its operating entities.
    • The role provides structured, judgment-driven assessment of the effectiveness, maturity, and alignment of security controls against internal policies, regulatory requirements, and recognized frameworks - enabling informed risk decisions and continuous improvement of the organization's security posture.
    • Plan and perform information security assurance reviews, including control design and effectiveness assessments, thematic reviews, and targeted evaluations across IT and OT environments.
    • Assess the design adequacy and operational effectiveness of security controls based on frameworks such as ISO/IEC 27001, ISO/IEC 42001, the NIST Cybersecurity Framework and the NIST AI Risk Management Framework.
    • Identify and document control gaps, non-conformities, and risk exposures with proportionate, actionable recommendations.
    • Provide subject-matter support to internal and external audit functions as required.
    • Collaborate with risk, compliance, and IT teams to track remediation of identified control gaps and ensure timely closure.
    • Prepare clear, concise, and well-evidenced assurance reports and recommendations for senior stakeholders.
    • Provide guidance to entities and departments in preparing for assurance assessments and building control maturity.
    • Support the continuous improvement of the IS assurance program, including methodology, tooling, and automation.

    What we expect from you

    Education

    • Master's degree in Information Security, Computer Science, or a related field.

    Qualifications

    • Professional certifications preferred (e.g. CISA, CRISC, ISO 27001 / 42001 Lead Auditor, ISO 27001 / 42001 Lead Implementer, CISSP).
    • Solid understanding of cybersecurity controls, governance frameworks, and assurance and assessment methodologies.
    • Familiarity with regulatory and compliance requirements (e.g. ISO/IEC 27001, NIS 2, GDPR, EU AI Act).
    • Strong communication and reporting skills, with the ability to explain technical issues to non-technical stakeholders.
    • Fluent English required; additional languages are a plus.

    Experience

    • Minimum 3 years of experience in cybersecurity assurance, control assessment, or information security governance.
    • Experience working in complex, multinational environments is a plus.

    What we offer

    • Flexible working hours in agreement with your line manager, 30 days of holidays.
    • A comprehensive training offer via our own training center or externally.
    • Health days with lots of health checks and information about your well-being, company medical care including a range of preventive services, such as flu shots, OTHEB employee assistance program.
    • Free gym and sports classes, Rioba coffee bar, canteen with discounted meals for employees, many campus events.
    • Discounted Jobticket as well as discounts in our wholesale stores and at many partner companies.
    • Good transport connections, free parking spaces, JobBike.
    • You will receive a contribution to your company pension.
    • Three daycare centers for children on campus, support of holiday camps for children of employees.

    Job locations

    • Location Düsseldorf

      North Rhine-Westphalia

      Germany

    This is your employer

    METRO AG

    As one of the world's leading wholesalers, METRO specializes in the needs of hotels, restaurants and caterers (HoReCa) as well as independent traders. With a comprehensive range of food and non-food items, the company offers everything restaurateurs need for their daily operations, at particularly attractive terms.

  • Year founded
    1964
  • Company type
    Established company
  • Work model
    Hybrid, Onsite
  • Industry
    Trade
  • Diversity
    Suitable for all persons (m/f/d)