Head of Security and Privacy Engineering (m/f/d)

Join us in developing and strengthening an entire department and transforming Cyber Security capabilities on a global scale. If youre committed to making a real impact in the field of Cyber Security you can #ShapeTheM with us.

Besides an interesting professional environment we offer you a culture that wants you to thrive and allows to learn from each other:

• We try together we stumble together we get up together and shape our future. Be part of our transformation build cross-functional capabilities and discover new ways of excelling in the Cyber Security field.
• We create impact in the world of food and offer comfort for our customers worldwide. To achieve this we build capabilities to be the cyber-resilient omni-channel wholesaler.
• We invite you to take on responsibility make our company your company and create a business together that remains true to its roots but always seeks new solutions.
• Together we CARRY the M we GROW the M we INSPIRE the M we SHAPE the M.

The purpose of that role:

The role involves developing and implementing Security and Privacy by Design and by Default capabilities securing the entire CI/CD pipeline and leading the security engineering community within product teams to enhance security practices. Additionally it includes translating the Information Security Strategy into distinctive capabilities provided across METRO and METRO AG to integrate security and privacy effectively. This role will lead a team with up to 4 employees.

Your tasks: 

• Develop and lead the Security & Privacy Engineering Team hiring Security Engineers defining roles and responsibilities
• Develop and support by providing advices the implementation of guidelines and business capabilities to enable Security and Privacy by design and by default processes.
• Oversee and steer Threat Modelling Application Security Technical & Operational Measures (TOM) Cloud Security Orchestration and Automation of incident response activities and internal controls activities related to Information Security across METRO.
• Review and monitor performance metrics and manage continuous improvement
• Collaborate with DPO in all Privacy Engineering topics i.e. Coordinates the TOM together with the DPO
• Support CISO in defining annual objectives and monitor progressses and relevant KPI to be reported to METRO AG Boards

Qualifications :

• Educational Background: A Masters degree (MSc) in Computer Science or an in Software and Systems Security is required.
• Experience: A minimum of 10-15 years of relevant experience in the field of cyber security.
• Leadership Experience: Demonstrated leadership experience in developing and leading the Security & Privacy Engineering Team including hiring Security Engineers defining roles and responsibilities and fostering a high-performance culture.
• Security by Design and by Default: Proven expertise in developing and supporting the implementation of guidelines and business capabilities that enable Security and Privacy by design and by default processes.
• Security Oversight: Substantial experience in overseeing and steering key areas such as Threat Modeling Application Security Technical & Operational Measures (TOM) Cloud Security Orchestration and Automation of incident response activities as well as internal controls activities related to Information Security across METRO.
• Performance Management: Proficiency in reviewing and monitoring performance metrics and driving continuous improvement in security and privacy practices.
• Collaboration Skills: Strong collaborative skills with the ability to work closely with the Data Protection Officer (DPO) on Privacy Engineering topics and coordinate the TOM in conjunction with the DPO.

Nice to Haves:

• GitHub Enterprise Security: Familiarity with GitHub Enterprise security practices and tools.
• Security Tools Proficiency: Experience with security tools like Synopsys Polaris and Code Dx showcasing a strong foundation in code analysis and security assessment.
• Qualys: Familiarity with the Qualys security platform demonstrating proficiency in vulnerability management and assessment.

Additional Information :

• Work-life balance: Flexible working hours with the option of mobile working in agreement with your line manager 30 days of holidays.
• Training: A comprehensive training offer via our own training center or externally.
• Well-being: Health days with lots of health checks and information about your well-being company medical care including a range of preventive services such as flu shots OTHEB employee assistance program. 
• Exciting life on campus: Free gym and sports classes Rioba coffee bar canteen with discounted meals for employees many campus events.
• Discounts: discounted Jobticket as well as discounts in our wholesale stores and at many partner companies.
• Comfort: Good transport connections free parking spaces JobBike. 
• Company pension plan: You will receive a contribution to your company pension. 
• Family driven: Three daycare centers for children on campus support of holiday camps for children of employees.

Remote Work :

No

Employment Type :

Full-time