The Bauer Media Group is one of the most successful media companies in the world. More than 600 magazines, over 400 digital products, and 50 radio and TV stations reach millions of people around the globe. The company's portfolio also includes printing companies, postal services and services in the fields of distribution, marketing, media sales and online comparison portals. The Group's turnover is stable at more than two billion euros. With a new global positioning strategy, the Bauer Media Group underscores its passion for people and brands. The claim "We think popular." highlights the Bauer Media Group's perception of itself as a publisher of popular media and provides inspiration and motivation to its more than 11,000 employees in 17 countries.
The newly established Bauer Global Technology group sets the technology strategy for Bauer companies. It co-ordinates major investments and change programmes with the primary goal of bringing the company on a journey from a highly federated set of autonomous and independent companies, to an operation that maximises the opportunity of working at scale across the group – through knowledge sharing, collaboration and centres of excellence.
One important stream in this journey is the development and constant maintenance of a group wide Information Security Program covering all relevant business areas. This includes the protection of enterprise IT systems and services that support activities such as publishing, printing, radio broadcasting, and digital customer facing services within our online comparison platform (OCP) and search engine optimisation (SEO) businesses.
Within this comprehensive and exciting area the newly established role of an “Information Security Manager OCP, SEO & New Business” will in close cooperation with a wide range of business units ensure that group-wide policies and processes are suitable for OCP, SEO & NB. In addition, role holder will control implementation and compliance with those policies and help to create, manage, run & monitor local policies and processes for relevant business units sizing from small start-ups to established medium size enterprises.
For the Bauer Global Technology team we are looking for the next possible date either in Hamburg or London for a
Information Security Manager OCP, SEO & New Business (f/m/d)
- This role is designed as being the primary coordinator within the group security team for all aspects of information security for Bauers OSP,SEO and NB business area
- In close cooperation with a wide range of (OCP, SEO, NB) and the Group security function role holder shall develop, deploy and maintain information security policies and standards for this specific business area as well as monitor and report compliance with those, the group-wide policies, controls and legislation
- Support and advise the different technology units with detailed technical and processual knowledge around secure use of SDLC, DevSecOps, Cloudservices and Containerisation
- Manage information security due diligence, auditing and monitoring of internal business units, vendors and suppliers and undertake third-party security audits and intrusion and penetration tests
- Create and manage Security Incident Management processes aligned with Group policies & processes. Oversee incident response planning and investigation of security breaches
- Help to establish internal security awareness and training programs and drive changes in staff behaviour to reduce overall risk to the organisation
- Maintain current knowledge of the information security field and the changing threat landscape; track new developments in rapidly changing technologies and create and develop a personal network of Information Security professionals in other organizations and industries to act as a source of information
- Leverage new security technology to drive solutions back to the business
- Seek out and find subject matter experts from the Bauer technology team to become part of a matrix managed federated security practice team
- Provide security expertise and input to the design and operations of systems, infrastructure, products & processes
- In-depth understanding of the concepts, technologies, systems and architectures supporting information security protection
- Significant previous experience as an information security professional developing/ publishing/ maintaining controls and policies for complex organisations. Industry recognised qualifications (CISM, CISSP) would be an advantage
- Ability to articulate Information Security and technical issues in a non-threatening, clear and actionable manner to non-technical audience
- Excellent stakeholder management and influencing skills paired with the ability to drive change and influence across a highly matrix managed organisation
- A passion for technology and security safeguarding with a desire to deliver
- Analytical mind capable of managing numerous information sources and providing data analysis reports to senior management
- Highly effective and creative problem-solving skills
- Language skills: Fluent in English (must), language Skills in German or polish (desirable)
If you are interested in this position, please send your complete application documents to Kati Hülsenbeck,
Reference Number: BSKH-14/2019