Information Security GRC Manager | Information Security GRC Manager (all genders)
Eurowings Aviation GmbH
Job Summary
As an Information Security GRC Manager at Eurowings, you will play a pivotal role in maintaining and advancing the airline's security posture. Your daily responsibilities include supporting the Information Security Officer (ISO) in auditing technical and organizational standards, ensuring compliance with critical regulations like NIS-2 and Part-IS, and driving the continuous development of the Information Security Management System (ISMS) toward ISO 27001 certification. You will be responsible for conducting comprehensive risk assessments, defining mitigation strategies, and coordinating annual PCI DSS compliance. Beyond technical oversight, you will foster a culture of security by organizing awareness campaigns and training sessions. This role is ideal for a professional who thrives in an agile environment and enjoys translating complex security requirements into actionable business processes. Joining the Lufthansa Group's value airline offers the unique opportunity to work within a large-scale European aviation network while enjoying a high degree of professional autonomy and empowerment.
Required Skills
Education
Degree in (Business) Informatics, IT Security, or a comparable qualification.
Experience
- Long-term professional experience in the field of information security and ISMS
- Proven experience in conducting risk assessments and defining risk treatment measures
- Experience in managing external and internal audits
- Experience working with agile methods and project management principles
- Experience in coordinating PCI DSS compliance certifications
Languages
Additional
- The role requires the ability to work independently while maintaining strong teamwork and communication skills to convey complex technical facts to diverse audiences.