Head of Information Security & Data Protection / Information Security Officer (ISO) (m/f/d)

Niedersächsisches Staatsbad Pyrmont Betriebsgesellschaft mbH

Bad Pyrmont, Lower Saxony, Germany
Published Mar 30, 2026
Full-time
Permanent

Job Summary

This pivotal leadership role at Staatsbad Pyrmont involves overseeing information security and data privacy across a diverse healthcare and hospitality landscape, including clinics, spas, and administration. As the Information Security Officer, you will be responsible for the end-to-end management of the Information Security Management System (ISMS) in accordance with ISO 27001 and BSI-Grundschutz standards. Your daily activities will include implementing NIS2 directive requirements, conducting risk and vulnerability assessments, and managing emergency concepts and business continuity plans. Additionally, you will serve as the Data Protection Officer (DPO), ensuring compliance with GDPR and BDSG through audits, training, and policy development. This position is highly attractive as it offers significant creative freedom within a future-oriented 'Smart Staatsbad' strategy, direct collaboration with executive management, and a secure public service contract (TV-L) with modern benefits like mobile working and extensive health programs.

Required Skills

Education

Completed degree in Computer Science, Business Informatics, Information Security, Healthcare Management, or a comparable field. Relevant certifications (e.g., ISO 27001 Lead Auditor, Data Protection Officer) are highly preferred.

Experience

  • Professional experience in establishing and developing Information Security Management Systems (ISMS)
  • Experience in implementing legal requirements such as GDPR, BDSG, and NIS2
  • Experience in conducting risk assessments and data protection impact assessments
  • Experience in managing IT quality management processes and digital standards
  • Professional background in healthcare management or IT-related organizational development

Languages

Not specified

Additional

  • The role is available full-time or part-time. Candidates must be able to work within the TV-L (German public service) framework. The location involves on-site presence in Bad Pyrmont with options for mobile work.