IT Security (Project Management / Consulting)

NAXCON GmbH, located in the heart of Freiburg, is at the forefront of the German IT and engineering industry.

Our experts have extensive knowledge in software and hardware development, state-of-the-art electronics, and future-oriented technologies such as artificial intelligence and virtual reality.

We are not only dedicated to project work for our customers, but also intensively pursue in-house innovation projects as well as research & development. Renowned companies from a wide range of German industries place their trust in us - demonstrating the outstanding expertise and commitment of our engineers.

Position: IT Security (Project Management / Consulting)

Location: Mainz/Koblenz, Germany

Type: Full-time/Mostly remote

At a time of increasing cyber threats targeting existing IT infrastructures within authorities and public institutions (hereinafter referred to as BuE), where IT systems can be infected with malicious software and potentially bring entire administrative operations to a standstill, the importance of IT security has become significantly more critical for security officers.

As a result, security and emergency concepts have gained a completely new level of importance.

It is therefore essential to standardize these concepts in such a way that every IT Security Officer is able to flexibly integrate changes to the existing IT infrastructure into these concepts.

Consequently, IT security consulting now not only includes the traditional consulting services, whose results were previously developed and documented in less structured ways, but increasingly also the requirement to manage the fundamental information necessary for Information Security Management Systems (ISMS) for both existing and newly created information networks using an ISMS tool. This is intended to ensure standardized IT security concepts in accordance with the BSI IT-Grundschutz framework.

For this purpose, the state of Rhineland-Palatinate provides the ISMS tool from Fuentis AG for the authorities and institutions of the state. However, depending on requirements, individual authorities may also use other tools recognized by the BSI as suitable.

This lot covers personnel services in the area of IT security management and specifically the creation of IT security concepts according to IT-Grundschutz standards. Experience with ISMS tools, particularly the tool provided by Fuentis AG, is desirable in order to achieve the state-wide strategic objective of standardizing IT security concepts according to BSI requirements.

Skill Level A (Project Management / Consulting)

Includes the ability to perform the tasks described under section 2.1 as well as possession of the basic qualifications described under section 2.2 within the environment of the operating systems, operating system cluster technologies, operating-system-related software, and additional system technologies described below, together with the corresponding theoretical knowledge.

Required Skills

The deployed personnel must have:

• A valid certification as a BSI Lead Auditor for ISO 27001 audits based on IT-Grundschutz
• Extensive proven practical experience in the application and implementation of the IT-Grundschutz methodology (BSI Standards 200-1 to 200-4)
• Practical experience in the recording and modeling of at least 3 information networks
• Experience in designing and conducting state-wide information security awareness programs for various target groups within public administration (including the creation of accompanying information materials and live hacking demonstrations)
• Experience in designing and conducting state-wide information security training programs for different target groups within public administration (e.g., Information Security Officers, comparable to the BAköV training concept)
• Experience in creating state-wide information security policies and template service instructions
• Experience in creating and implementing IT security concepts according to IT-Grundschutz standards using predefined ISMS tools
• Experience using the above-mentioned ISMS tool from Fuentis AG

Preferred Skills

The deployed personnel should have:

• Experience in creating IT security concepts for information networks involving multiple organizational units
• Experience in reviewing and updating IT security concepts and framework documentation such as policies, cryptography concepts, etc.

What we offer:

Join a cosmopolitan and internationally mixed team: We welcome individuals from all backgrounds and cultures to contribute their unique perspectives and talents to our team.
Polish your German language skills: If you are looking to improve your German language skills, we offer a supportive environment where you can practice and develop your language abilities: whether you are a beginner or an advanced speaker.
Benefit from a fixed contact person from the company: We understand the importance of having a reliable point of contact within the company. That's why we assign a dedicated contact person who will provide guidance and support throughout your employment with us.
Professional growth and development: With us, our engineers can immerse themselves in new industries or projects after just 1-2 years and actively transfer knowledge.
Enjoy regular team events with the company: We believe in the power of team building and fostering positive relationships within the workplace. That's why we organize regular team events to promote collaboration and strengthen our team bonds.
Competitive compensation package: At NAXCON, we believe that our engineers are our greatest asset. That's why we offer a comprehensive and competitive compensation package that includes a salary commensurate with experience and expertise.