Job
- Level
- Experienced
- Job Field
- IT, System, Security
- Employment Type
- Full Time
- Contract Type
- Permanent employment
- Salary
- from 57.554 € Gross/Year
- Location
- Vienna
- Working Model
- Onsite
Job Summary
In this role, you will enhance the information security management system, coordinate risk assessments and audits, and handle the implementation of compliance requirements in the media sector.
Job Technologies
Your role in the team
- Governance Framework & ISMS: Development, maintenance, and continuous improvement of the Information Security Management System based on the ISO/IEC 27000 series, as well as ensuring consistent security governance across all ORF corporate divisions.
- Compliance & Regulatory Affairs: Implementation and monitoring of all relevant regulatory requirements.
- Risk Management: Conducting and coordinating enterprise-wide information security risk analyses, risk treatment measures, and residual risk acceptance processes.
- Guidelines & Policies: Development, updating, and management of security policies, standards, and procedures.
- Audit & Assurance: Planning and coordination of internal and external audits, documentation, and follow-up of measures.
- Third-Party & Supplier Risk: Involvement in the development and operation of a process for Vendor Risk Management.
- Reporting & KPIs: Identification and remediation of security vulnerabilities and weaknesses (security metrics).
- Reporting to the CISO.
This text has been machine translated. Show original
Our expectations of you
Education
- Education: Completed degree in Information Security, Business Informatics, or a comparable qualification.
Qualifications
- Rules & Control: Very good understanding of current regulations (NIS2 Directive and CRA).
- Methodology: Knowledge of risk management, audit methodology, and compliance assessments.
- Certifications: CISM, CISA, CRISC, etc.
- Strong communication skills: Ability to present complex issues in an understandable manner.
- Structured, independent working style with a high quality standard.
- Resilience and pragmatism: viewing compliance not as an end in itself, but as an enabler.
- Very good knowledge of German and good knowledge of English, both spoken and written.
- Team orientation combined with the ability to drive projects independently.
Experience
- Several years of professional experience in the GRC environment.
- Technology Stack: In-depth knowledge of ISO/IEC 27000 and practical experience in ISMS implementation, as well as experience and familiarity with GRC tools.
- Industry: Experience in the media or broadcasting industry is an advantage.
- Experience in stakeholder management at various hierarchical levels.
This text has been machine translated. Show original
What we offer
- An exciting work environment in one of Austria's most prominent media houses.
- The opportunity to significantly influence the digital transformation of public broadcasting.
- Attractive opportunities for further training and a collegial environment.
This text has been machine translated. Show original
Benefits
Work-Life-Integration
Health, Fitness & Fun
More net
Food & Drink
Topics that you deal with on the job
Job Locations
This is your employer
Österreichischer Rundfunk
Wien
The Austrian Broadcasting Corporation (ORF) is a public foundation with its main headquarters in Vienna. It's the biggest media provider in Austria and operates nine Regional Studios as well as one studio each in Bozen, Italy and Basel, Switzerland.
Description
- Company Type
- Established Company
- Working Model
- Hybrid, Onsite
- Industry
- Media, Publishing
Dev Reviews
by devworkplaces.com
Total
(3 Reviews)3.9
Career Growth
4.1Workingconditions
4.1Engineering
3.6Culture
3.8
Governance, Risk & Compliance Specialist for Information Security
- Salary
- from 57.554 € Gross/Year
- Location
- Vienna
- Working Model
- Onsite
- Diversity
- Open for all genders
