The Head of Cyber Defence Unit is responsible for the design, implementation and operation (PLAN, BUILD, RUN) of all technical security solutions and processes. They drive the security vision within IT and beyond, in areas like production, digital products and facility management. The HoITSEC acts as the authority for the development and enforcement of technical enterprise security strategy, standards and policies.
The HoITSEC is also a close sparring partner to the Chief Information Security Officer (CISO) for aligning Information Security Governance and the technical and procedural adoption of ISMS policies and requirements.
Key Responsibilities:
- Developing and implementing the IT Security strategy (covering IT infrastructure, IT applications, cloud, on-premise) and incorporating it into the IT strategy.
- Incorporating the IT security strategy into the production and R&D strategies.
- Establishing a company-wide enterprise IT security architecture.
- Defining and enforcing technical security standards and operational policies.
- Driving Security by Design in relevant business areas.
- Integrating IT Security into IT processes (IT service management, IT operations management).
- Establishing IT security in projects (security concepts, security reviews) and overseeing the whole project portfolio regarding security relevance and priorities.
- Establishing processes for security operations, including running the security operations center/cyber defence center.
- Managing the international IT security organization and its team of security experts.
- Coordinating external IT security suppliers and operators.
- Planning and performing technical and procedural IT Security audits in the areas of architecture, engineering and operations.
- Reporting vulnerabilities and technical risks to the CIO and CISO.
- Handling security incidents in close cooperation with Information Security Governance (CISO).
- Defining and creating IT skills and necessary resources (FTE) for IT Security.
- Raising awareness for IT Security in target areas (IT, Production, R&D, Facility).
Ideal Qualifications:
- Bachelor's or Master's degree in Business Administration, Information Technology or a related field, or an equivalent qualification.
- Industry certifications such as PMP, ITIL, ISO 27001, Agile.
- Industry certifications such as CISSP, CISM, SANS GSEC, etc. (preferred but not required).
- Minimum 8 years' experience working in a large-scale IT environment on IT security and risk, including 5 years of managing security organizations/teams.
- Experience in leading a team in the design and assessment of IT security solutions, preferably in a financial services environment.
- A proven track record in dealing with complex security projects and managing conflicting situations and crisis scenarios.
- Ability to adapt to a fast-moving IT security landscape and keep pace with the latest concepts, new security challenges and cyber threats.
- Profound technical knowledge of security technologies (network, cloud, Identity & Access, etc.).
- Profound knowledge of security norms and standards (ISO 27001, NIST, CIS, GMP).
- Profound knowledge of enterprise IT Security solutions.
- Strong experience in Security monitoring/Security Operations Centre (SOC).
- Thrives on change, showing an ability to constantly develop IT security.
- Ability to build relationships and interact effectively with internal and external parties.
- Excellent communication skills with the ability to translate complex technical concepts into understandable language.
- Excellent written and verbal communication skills in English; German language skills would be an advantage.
- Experience in a regulated industry such as pharmaceuticals, biotech or healthcare is preferred.
As part of our Diversity policy, Evotec considers all applications on the basis of equal competences, including those from people with disabilities.
Required Experience:
Exec