IT Service Manager (IT & Security Governance) Ref. No: 8059

Lufthansa Group Business Services is a 100 per cent Lufthansa subsidiary. We offer shared services worldwide for the entire Lufthansa Group in the areas of Finance, Business Intelligence & Transformation, Human Resources, Procurement and IT, which we provide or manage ourselves.

It’s our goal to harmonize and standardize processes and to continuously make them more efficient and effective. We see ourselves as pioneers in digitization, as well as in the use and distribution of the latest technologies, for example in business process automation.

As an internationally operating company, LGBS is represented at locations in Frankfurt, Hamburg, Krakow, Manila and Mexico City and manages BPO providers in Germany and abroad. With the global network of foreign representatives of the Lufthansa Group's field organization, we are also locally anchored and active worldwide.

Region: Kraków, małopolskie

---

Requirements:

• Minimum 3-5  years relevant experience
• Good ITIL Experience
• Experience in information security  in acc. with ISO27001
• General knowledge about IT development, maintenance and operations
• Good IT Security and data protection policies knowledge 
• Experience with compliance audits
• General technical knowledge about IT Infrastructure (Servers, databased, firewalls, network, Cloud Infrastructure, etc)
• Very good English 
• High communication skills
• Extensive negotiation and diplomacy skills
• Solution-orientation
• Risk-awareness and mitigation skills

---

Responsibilities:

• Be a liaison between  IT, Information Security Team, Audit & Compliance Manager and other compliance – related teams 
• Implement and maintain Information Security and data protection policies, processes and procedures in close cooperation with Security Team and the Group
• Accountability for IT & Security Governance Model documentation
• SPOC for all information security related issues, e.g. incidents, threats, Penetration Tests, SBF, TOMs, Guidelines, Standards
• Managing the Information Security Management System in acc. with ISO27001
• Central contact for all questions and issues around Information Security like:
• security awareness,
• business impact analysis,
• protection requirements assessment,
• risk assessment,
• new software assessment (SAQ review)
• any other information security related issues.
• Ensuring compliance with IT Governance and Security principles in IT projects and serving as an advisory board for Project Teams in discussion with Customers
• Ensuring proper “handover to operations” process for new projects and technologies
• Support Workers Council negotiations with IT and Security related content
• Consults in and evaluation of new technologies in relation to information security

---

We offer:

• Challenging work environment and growth opportunities
• Private medical care for employees and their family members
• Flexible working time and place adjusted to employee’s needs

---