Country Chief Information Security Officer

Job description

Role Purpose Lead cybersecurity governance, risk management, and oversight for Iberdrola Germany, ensuring alignment with IEI CISO, Group policies, and German regulatory requirements. Key Responsibilities: - Identify, assess, and manage cybersecurity risks across IT, OT, and business processes. - Apply risk methodologies, consolidate risks with asset owners, and translate findings into clear business language. - Report risks, vulnerabilities, metrics, and incidents to the Country Manager and IEI CISO. - Implement the Iberdrola Cybersecurity Model and adapt global policies to the German regulatory context. - Oversee security‑by‑design, procurement requirements, and cybersecurity in supplier‑managed services. - Develop and track country cybersecurity plans and mitigation actions. - Lead regulatory audits (NIS2, KRITIS, IT‑SiG 2.0) and ensure remediation. - Ensure effective monitoring, threat detection, and vulnerability management. - Maintain Incident Response Plans, coordinate incident reporting, and run readiness exercises. - Drive awareness programs and targeted training, promoting a cybersecurity‑first culture. - Maintain strong engagement with senior leadership and coordinate cl...