(1) Develop, implement, and maintain security strategies, policies, and procedures aligned with corporate objectives and security requirements.

(2) Ensure compliance with applicable local regulations and global security standards.

(3) Conduct security risk assessments and drive effective mitigation plans.

(4) Establish governance frameworks and security processes to support business objectives.

(5) Monitor and continuously improve security performance and compliance.

(1) Oversee information security programs and related security controls.

(2) Protect sensitive business information, intellectual property, and critical assets.

(3) Support security awareness initiatives and promote a strong security culture across the organization.

(4) Coordinate security audits, assessments, and compliance activities.

(5) Evaluate emerging security risks and recommend appropriate controls and improvements.

(1) Support the development and implementation of physical security programs and standards.

(2) Collaborate with stakeholders to ensure the protection of personnel, facilities, and critical infrastructure.

(3) Oversee security-related projects and continuous improvement initiatives.

(4) Ensure alignment with corporate physical security requirements and best practices.

(1) Act as the primary security liaison between ESMC and global headquarters.

(2) Provide strategic security advice and recommendations to management and key stakeholders.

(3) Collaborate closely with cross-functional teams including IT, HR, Legal, Facilities, Operations, and external partners.

(4) Support the recruitment, onboarding, and development of future security team members.

(5) Contribute to building a high-performing local security organization.

(1) Bachelor’s degree in Information Security, Computer Science, Engineering, Risk Management, or a related field.

(2) Professional certifications such as CISSP, CISM, CISA, or comparable credentials are highly desirable.

(1) Minimum 7 years of professional experience within Information Security, Cyber Security, Risk Management, or Security Governance.

(2) Minimum 3 years of leadership experience, including leading teams, projects, or security-related initiatives.

(3) Experience working in multinational and matrix organizations.

(4) Proven track record in managing complex stakeholder environments and driving cross-functional initiatives.

(5) Experience supporting large-scale international projects.

(6) Strong understanding of information security frameworks, governance, risk management, and compliance principles.

(7) Familiarity with European regulatory requirements and data protection considerations.

(1) Solid understanding of enterprise IT environments, network infrastructure, and security technologies.

(2) Experience with security monitoring, risk assessment, and security control implementation.

(3) Knowledge of modern information security practices and industry standards.

(1) Fluent German and English, both written and spoken.

(2) Mandarin language skills are considered a plus.

(1) Strong leadership and interpersonal skills with the ability to influence stakeholders at all levels.

(2) Excellent communication, negotiation, and relationship-building capabilities.

(3) Strategic thinker with a proactive and solution-oriented mindset.

(4) Strong analytical and problem-solving abilities.

(5) Able to work effectively in a fast-paced and multicultural environment.

(6) Self-motivated, independent, and capable of managing multiple priorities simultaneously.

(7) Detail-oriented while maintaining a strong focus on business objectives.