MediaMarkt Magyarország, market leader retail company is looking for the new colleague:

Information Security Officer

Authority/Competence

  • The ISO refers directly to the management. Measures, which he induced, are being accounted by him in front of the management. He has the right of direct recitation.
  • The ISO is compared to IT-Staff, the system administrator and user supporter, as well as the users in case of security relevant issues authorizing officer.
  • The ISO is authorized, to quit IT-Applications either temporarily or entirely if the IT-Security (availability, confidentiality, integrity) is endangered or an immediate risk is in existence (disclosure of customer information). About this he informs the Management and MSITS Cyber Security immediately.
  • In case of a IT-Security-Coordinating-Committee by MSH, the ISO is part of the MSH ISO Organization
  • On demand, the ISO can host assessments, which provide insight on the maturity level regarding IT-Security. Severe security issues are being reported immediately to the MSITS Cyber Security.
  • The ISO is able to access all operational areas that are IT- relevant operational areas, on demand as needed to prevent and investigate damage for the company.
  • The ISO is able to access IT-Systems, after a data privacy approval is carried out and the four-eyes principle is assured, if he has a legitimate reason. Present emergency procedures should be used in case of availability. Incidents have to be documented.

Responsibilities:

  • The ISO updates and further develops the subsidiaries IT Security Management System (ISMS) in coordination with the MSITS Cyber Security & MSH-Corporate Security.
  • The ISO coordinates measures and plans that have group wide impact, with the MSITS Cyber Security.
  • The ISO informs the MSITS Cyber Security and MSH Corporate Security periodically about the status of relevant measures, possible exceptions for security guidelines and security incidents. Connected Information Security-Risks are being handled in line with the MSITS Cyber Security Information-Risk management-Processes.
  • In the field of IT-Security he informs the IT-Management, as well as the IT-User, about the present regulations, the current developments and changes.
  • Decisions, a ISO took as an emergency measure within the emergency response, are being communicated immediately to the MSITS Cyber Security, IT-Management and if applicable to more responsible departments.

Tasks of the Management

  • Appointment of the responsible manager for IT Security.
  • Support of the IT Security Officers through the management of subsidiary, to the full extent.
  • Implementing the IT Security Strategy form MSITS Cyber Security, as derived from the business strategy and the IT-Strategy from MSH.
  • The management is responsible for staff and budget, so contracts can be fulfilled.
  • The management provides measures of education and training.
  • Establishment of necessary interfaces within the MSH.
  • Preventing conflicts of interest and being compliant with the separation of functions, through an appropriate classification and establishment of the section-/escalation structure.
  • Establishment of a IT Security Organization within the subsidiary with official section structures for the ISO of the MSITS.

Necesarry Skills:

  • Minimum of 3 years experience in terms of IT Security
  • Existing Security Certification (CISSP, CISM, CISA, etc.) or comparable or the ability to achieve a certification within 6 months
  • Knowledge of ISO27001/2 would be appreciated
  • Bachelor or similar education
  • Good knowlegde of operating Systems, Networks and Databases
  • Very good communication and persuasion skills

We offer:

  • Dynamic working environment;
  • Possibility to influence business decisions, flat organizational structure
  • Work life balance
  • Small and committed team

Sector(s):

  • IT Operation, Telecommunication
  • IT Security
  • Full time

Experience required:

  • 3-5 years professional experience

Required language level:

  • English - intermediate / communication

Job location:

Budapest, 1138 Váci út 140.

How to apply/ contact information:

If you are interested, please send your application (possible entry date and salary expectation).

Új adatkezelési rendelkezések!

Fontos számunkra személyes adatai védelme, ezért szeretnénk felhívni a figyelmét, hogy módosult a felhasználókra vonatkozó Adatkezelési Tájékoztató és a Munkáltatói Adatkezelési Tájékoztató , melyekben rögzítettük az újonnan bevezetésre kerülő chat beszélgetés és a hirdetői visszahívás kérés funkció adatkezelési feltételeit. Frissítettük továbbá az adatfeldolgozó partnerek listáját, amely új együttműködések révén a profession.hu szolgáltatásainak és működésének hatékonyságát kívánjuk növelni.