IT risk manager / information security manager

Your role in the team

Our expectations of you

Education

• Completed university degree at Bachelor's level in Computer Science, Business Informatics, IT Security, Engineering with an IT focus, or Business Administration with an IT specialization, or an equivalent qualification.

Qualifications

• In-depth knowledge of information security frameworks (e.g., ISO/IEC 2700x, BSI IT-Grundschutz).
• Methodological competence in risk management (e.g., ISO/IEC 27005, threat modeling).
• Understanding of IT security architectures, complex IT infrastructures, and cloud architectures for risk assessment and development of risk mitigation measures.
• ISO/IEC 27001 Lead Implementer/Lead Auditor, CRISC, CISM, CISSP or ITIL preferred.
• Analytical and strategic thinking.
• Solution-oriented, meticulous work.
• High problem-solving skills.
• Independent working.
• Strong communication and consulting skills: ability to prepare complex issues appropriately for the audience (management vs. technical).
• Ability to work across disciplines.
• Excellent spoken and written proficiency in German and English.
• A prerequisite for employment with the State of Lower Austria is a clean criminal record.

Experience

• Practical experience in IT risk management, IT security management, or compliance knowledge in the development of risk analyses, emergency, and security concepts in operations.
• Experience with general regulatory requirements (e.g., NIS2, GDPR). Knowledge of sector-specific regulations (e.g., GTelG, MDR) is advantageous.
• Experience and knowledge of IT operations in healthcare facilities are advantageous.