Country Chief Information Security Officer

Iberdrola

Berlin, GermanyPosted 1 month agoOther

Show listing Apply on company site

IT Security & Cybersecurity

Job details

Job description

Role Purpose

Lead cybersecurity governance, risk management, and oversight for Iberdrola Germany, ensuring alignment with IEI CISO, Group policies, and German regulatory requirements.

Key Responsibilities

Identify, assess, and manage cybersecurity risks across IT, OT, and business processes.
Apply risk methodologies, consolidate risks with asset owners, and translate findings into clear business language.
Report risks, vulnerabilities, metrics, and incidents to the Country Manager and IEI CISO.
Implement the Iberdrola Cybersecurity Model and adapt global policies to the German regulatory context.
Oversee security‑by‑design, procurement requirements, and cybersecurity in supplier‑managed services.
Develop and track country cybersecurity plans and mitigation actions.
Lead regulatory audits (NIS2, KRITIS, IT‑SiG 2.0) and ensure remediation.
Ensure effective monitoring, threat detection, and vulnerability management.
Maintain Incident Response Plans, coordinate incident reporting, and run readiness exercises.
Drive awareness programs and targeted training, promoting a cybersecurity‑first culture.
Maintain strong engagement with senior leadership and coordinate closely with IEI CISO and business units.

Knowledge & Skills

Strong understanding of German cybersecurity regulations (NIS2, KRITIS, IT‑SiG 2.0, GDPR).
Solid technical knowledge across IT, OT, cloud, and data environments.
Familiarity with ISO 27001, IEC 62443, NIST CSF.
Strong executive communication, stakeholder management, and decision‑making under pressure.
Fluent German required.

Training & Certifications

Degree in engineering, computer science, cybersecurity, or similar.
Preferred: ISO 27001 Lead Auditor/Implementer, CISSP, CISM, CISA, IEC 62443, ISO 31000.
Commitment to ongoing professional development.

Experience

5+ years in cybersecurity or IT/OT risk within critical infrastructure.
2+ years in cybersecurity or risk leadership.
Experience with regulators, cybersecurity programs, and incident response.

What We Offer

Global leader in green energy: Actively contribute to the energy transition.
Career development: Diverse training opportunities and long-term growth prospects.
Language courses: German, English, and Spanish.
Mobility: Subsidy for the Germany Ticket (BVG).
Rechargeable benefit card, tax-free
Employee discounts: Attractive offers from partners in retail, travel, and more.
Compensation: Performance-based salary that values your contribution.

Mobility Information

Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country.

Job Posting End Date:

April-30-2026