MenuMenu

Senior Security Risk Manager (all genders)

Location
Berlin
Contract
Full time
Job Category
Cybersecurity

THE ROLE & THE TEAM
 

As a Senior Security Risk Manager in the Information Security - Security Risk & Governance Team at Zalando, your role is crucial in maintaining the trust of customers, stakeholders, and employees by enabling a process to identify, assess, and manage security risks effectively. 

You will be responsible for answering any questions related to Security Risk and Governance and will play a key role in shaping the Security Risk Management process for both internal applications and third parties.


 

INCLUSIVE BY DESIGN

 

At Zalando, our vision is to be inclusive by design. And this vision starts with our hiring - we do not discriminate on the basis of gender identity, sexual orientation, personal expression, ethnicity, religious belief, or disability status. You are welcome to leave out your picture, age, or marital status from your application. We only assess candidates on their qualifications and merit. 


We want to provide you with a great candidate experience. Feel free to inform us of any accommodations you may need, so we can best support you throughout the hiring process. 

do.BETTER - our diversity & inclusion strategy: https://corporate.zalando.com/en/our-impact/dobetter-our-diversity-and-inclusion-strategy
Our employee resource groups: https://corporate.zalando.com/en/our-impact/our-employee-resource-groups 



WHAT WE’D LOVE YOU TO DO (AND LOVE DOING)
 

  • Lead the implementation and compliance efforts for NIS2 and CRA frameworks, ensuring alignment with regulatory and organizational requirements.

  • Develop policies, procedures, and controls to operationalize the frameworks across the organization.

  • Collaborate closely with the legal team to stay updated on regulatory changes and advise the organization on their implications.

  • Design and establish a comprehensive framework to assess risks for projects, systems, and processes.

  • Establish and oversee a robust security governance framework that aligns with industry best practices.

  • Provide guidance on staying compliant with regulatory requirements related to cyber security.

  • Implement monitoring mechanisms to ensure ongoing compliance with NIS2, CRA, and other relevant frameworks.

  • Prepare and present regular reports on security risks, compliance status, and improvement initiatives to senior leadership.

  • Develop key performance indicators (KPIs) to measure the effectiveness of risk management efforts.


WE'D LOVE TO MEET YOU IF …

  • You have 6+ years of experience working in Security Governance, Risk and Compliance functions,

  • You demonstrate strong communication skills and good interpersonal skills. You are a team player and can work with engineering teams and business stakeholders.

  • You have strong knowledge and experience implementing security and privacy frameworks, regulations and standards, such as NIST CSF, GDPR, ISO 2700x, SOC 2, PCI DSS, NIS2, CRA. 

  • You have experience in addressing security regulations, breaking down obligations and translating regulatory requirements into security operational requirements,

  • You can communicate security risk-related concepts to technical and nontechnical audiences.

  • You have exceptional attention to detail, strong program/project management skills, analytical proficiency, and experience in operationalizing and developing scalable security processes in complex environments.

  • You have security certifications (e.g. CISSP, CRISC, CISM, ISO 27001 Lead Auditor/Implementer) as a plus.

     

OUR OFFER
 

Zalando provides a range of benefits, here’s an overview of what you can expect. Ask your Talent Acquisition Partner to learn more about what we offer.
 

  • Employee shares program;

  • 40% off fashion and beauty products sold and shipped by Zalando, 30% off Zalando Lounge, discounts from external partners;

  • 2 paid volunteering days a year;

  • Hybrid working model with 60% (or more) remote per week, actual practice is up to each team to best support their collaboration;

  • Work from abroad for up to 30 working days a year;

  • 27 days of vacation a year (for Zalando SE);

  • Relocation assistance available (subject to prior agreement);

  • Family services, including counseling and support;

  • Health and wellbeing options (including Gympass);

  • Mental health support and coaching available.

Learn all about Zalando and our values here: https://jobs.zalando.com/en/?gh_src=22377bdd1us

Recruiter

Ana Ermilova

ana.ermilova@zalando.de

Bitte beachten, dass alle Bewerbungen auf dieser Seite über das Online-Formular erfolgen müssen – wir akzeptieren keine Bewerbungen per E-Mail. Nach der Prüfung werden unsere Recruiter*innen über eine offizielle Zalando E-Mail-Adresse (@zalando.de) Kontakt aufnehmen.

In einigen Fällen arbeiten wir auch mit einer Auswahl von Headhunter*innen und Agenturen zusammen, um bestimmte Positionen zu besetzen. Bitte beachte, dass weder Zalando noch unsere Rekrutierungspartner*innen irgendeine Art von Bezahlung verlangen, um sich für eine Stelle zu bewerben oder an einem Vorstellungsgespräch teilzunehmen. 

Wenn du Fragen zu unserem Rekrutierungsprozess hast, wirf bitte einen Blick auf unsere FAQ-Seite.

Über Zalando

Es ist die perfekte Zeit, sich Zalando auf unserer Reise anzuschließen, das führende E-Commerce-Ökosystem für den europäischen Mode- und Lifestyle-Markt aufzubauen. Hilf uns, rund 50 Millionen aktiven Kund*innen in 25 Märkten ein inspirierendes und qualitätsorientiertes Einkaufserlebnis für Mode- und Lifestyle-Produkte zahlreicher Marken aus einer Hand zu bieten. Oder sei Teil unserer Zalando Logistik-, Software- und Service-Infrastruktur, um Marken und Einzelhändler bei ihren E-Commerce-Transaktionen in ganz Europa zu unterstützen – sowohl auf als auch außerhalb der Zalando Plattform. Komm zu uns, um mit diesem Ökosystem einen positiven Wandel in der Mode- und Lifestylebranche zu bewirken.