IT Security Consultant

As an Inhouse IT Security Consultant, you act as a trusted advisor and central point of contact for all security-related topics. You ensure that IT security is embedded across systems, processes, and projects — from stores and warehouses to corporate IT, cloud platforms, and data-driven services. You work closely with national and international stakeholders to protect our business against current and future cyber threats.

My responsibilities:

• Security Consulting & Advisory
  • Act as Single Point of Contact (SPoC) for internal customers on all IT-security-related matters
  • Advise national and international projects, including initiatives involving cloud and innovative technologies
  • Provide security guidance throughout the entire service and project lifecycle
• Risk Management & Security Assessments
  • Conduct security reviews, risk assessments, and protection needs analyses
  • Support internal stakeholders through risk acceptance and policy exemption processes
  • Perform cloud security assessments and vendor security evaluations, including definition of additional security requirements for contracts
  • Review and decide on firewall rules, server internet access, proxy requests, and security solution concepts
• Governance, Standards & Architecture
  • Proactively develop and improve security policies, standards, and the enterprise security architecture
  • Ensure compliance with relevant frameworks and regulations (e.g. ISO 27001, NIST, BSI IT-Grundschutz, GDPR)
  • Support ISMS activities together with Business Relationship Managers and Operational Risk Management
• Operations, Resilience & Lifecycle Support
  • Support service owners during onboarding, penetration testing, and remediation tracking
  • Support planning and execution of disaster recovery and IT Service Continuity Management (ITSCM) activities
  • Act as security contact for recovery concepts and recovery exercises
  • Foster automation and standardization of security-relevant processes (e.g. Security as Policy)
• Collaboration & Continuous Improvement
  • Closely collaborate with national and international teams across multiple countries and functions
  • Actively participate in internal security communities and communities of practice
  • Scout new security technologies (e.g. MFA, monitoring, detection capabilities) and share knowledge
  • Identify, drive, and implement improvements and standardization in security-related topics

The knowledge I own:

Required Qualifications

• University degree in Computer Science, Information Technology, or a comparable qualification with a strong focus on IT Security
• Solid professional experience in IT security, ideally in an enterprise, consulting, or auditing environment
• Strong technical and methodological knowledge of IT security principles, technologies, and best practices
• Good understanding of modern IT environments, with a strong focus on Microsoft technologies and Azure
• Knowledge of relevant security standards, regulations, and compliance requirements
• High communication skills with the ability to advise, influence, and convince stakeholders at all levels
• Very good command of English (spoken and written)

Desired Qualifications

• At least three years of professional experience in IT security
• Experience in international or multi-country environments
• High willingness and ability to quickly familiarize yourself with new topics and technologies

The offer that would convince me:

• Growth opportunities in a continuously evolving organization
• Long-term job security at a stable company
• Competitive salary and benefits
• Practical and tailored training programs
• Varied tasks within a supportive and modern working environment
• Flexible working arrangements including home office options

Online application:

Please use our online application and attach your resume.

AIIS Adatkezelési tájékoztató

Privacy notice