\n Evotec is a life science company with a unique business model focused on delivering highly effective new therapeutics to the patients. The Company leverages its multimodality platform, the \xe2\x80\x9cData-driven R&D Autobahn to Cures\xe2\x80\x9d, for proprietary projects and within a network of partners including Pharma, Biotech, academics, and other healthcare stakeholders. With more than 4,500 highly qualified people at 17 sites, Evotec aims to create the world-leading co-owned pipeline for innovative therapeutics. For additional information please go to www.evotec.com and follow us on Twitter (@Evotec) and LinkedIn.

At Evotec\'s headquarters in Hamburg, Germany, the Global IT Security team is seeking a highly motivated and dedicated

Operational Lead Global IT Security (all genders) in IT Service Delivery

The role Operational Lead Global IT Security is reporting into the SVP Head of IT Service Delivery. The main responsibility of this role lies with the design, implementation and operation of all technical security solutions and processes. The Operational Lead Global IT Security is responsible on the operational side of Global IT Security and by this a close sparring partner to the Chief Information Security Officer (CISO) for the alignment of the Information Security Governance and the technical and procedural adoption of the ISMS policies and requirements.

As Evotec\'s Operational Lead Global IT Security you are the implementer and designer for the development and enforcement of technical enterprise security strategy and their standards and policies, additional to the CISO.
This role is driving the security vision within the IT department, and beyond in other areas like production, digital products and facility management.

• Developing and implementing the IT Security strategy (covering IT infrastructure, IT applications, cloud, on-premise) and incorporate that into the IT strategy
• Incorporation of the IT security strategy into the production and R&D strategies
• Establishment of a companywide enterprise IT security architecture
• Define and enforce technical security standards and operational policies
• Define and drive \xe2\x80\x9cSecurity by Design\xe2\x80\x9d in relevant business areas
• Integration of IT Security into the IT processes (IT service management, IT operations management)
• Establishment of IT security in projects (security concepts, security reviews) and oversee the whole project portfolio regarding security relevance and priorities
• Establishment of processes for security operations incl. runing the security operations center / cyber defence center
• Management of the international IT security organization and its team of security experts
• Coordination of external IT security suppliers and operators
• Planing and performing technical and procedural IT Security audits in the areas of architecture, engineering, operating
• Reporting of vulnerabilities and technical risks to CIO and CISO
• Handling of security incidents in close cooperation with Information Security Governance (CISO)
• Responsibility for defining and creating IT skills and necessary resources (FTE) for IT Security
• Razing of awareness for IT Security in the target areas (IT, Production, R&D, Facility) Coordination of external IT security suppliers and operators

• Bachelor\'s or Master\'s degree in Business Administration, Information Technology, or a related field or equivalent qualification
• Profound professional experience, working in a large-scale IT environment on IT security and risk; Including practical working experience of managing security organizations and related teams
• Experience in a regulated industry such as pharmaceuticals, biotech, or healthcare is preferred
• A proven track record in dealing with complex security projects and meeting conflicting situations and crisis scenarios
• Profound technical knowledge of security technologies (network, cloud, Identity & Access etc)
• Industry certifications such as PMP, ITIL, ISO 27001, Agile
• Profound knowledge of security norms and standards (ISO 27001, NIST, CIS, GMP).
• Profound knowledge of enterprise IT Security solutions
• Strong experience in Security monitoring / Security Operations Centre (SOC)
• Industry certifications such as CISSP, CISM, SANS, GSEC etc. (preferred, but not required)
• Experience in leading a team in terms of design and assessment of IT security solutions, preferably in a related industry
• Ability to adapt to a fast-moving IT security landscape and keep pace with latest concepts, new security challenges and cyber threats
• Excellent communication skills, with the ability to translate complex technical concepts into understandable language
• Professional written and verbal communication skills in English, German language skills would be an advantage

• A position within a vigorous and exciting professional environment promoted by an open culture and a spirit of community
• A diverse, international workforce with a dynamic working environment that fosters creativity, innovations and teamwork
• 30 days of annual holiday, flexible working hours, and in-house canteen
• Capital forming benefits, holiday allowance, annual bonus depending on performance, and monthly allowance for public transportation (Deutschlandticket)

\n

\n \n StepStone\n \n

\n