Share this Job

Cyber CSIRT Manager (m/f/d)

Date: Oct 19, 2021

Location: Germany, Germany

Company: Telefonica S.A.


Contract type: full-time, unlimited
Location: Munich

Entry: At the earliest possible date


Who we are?

We are Telefónica / o2 - with our mobile brands we connect millions of people and offer our customers mobile freedom in the digital world. As a leading telecommunications provider, we are also playing a key role in shaping digitisation in Germany. Our fixed and mobile networks form the backbone for the digital transformation of the economy and society. And our approximately 8,500 employees in Germany drive the transformation forward every day - in our own company as well.

Telefónica is one of the top employers in Germany and is part of the global telecommunications group Telefónica S.A. with 130,000 committed employees worldwide.

You too can become part of our unique team and let us make a difference together!


What are your challenges with us? 

  • Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
  • Investigates major breaches of security and recommends appropriate control improvements.
  • Contributes to development of information security policy, standards and guidelines.
  • In relation to incident response & management the role supports monitoring of the external environment and assessment of emerging technologies to evaluate the potential impacts, threats and opportunities to the organization.
  • Contributes to the creation of reports, technology road mapping and the sharing of knowledge and insights.
  • Investigates security breaches in accordance with established procedures and recommends required actions and supports / follows up to ensure these are implemented.
  • Contributes to digital forensic investigations. Processes and analyses evidence in line with policy, standards and guidelines and supports production of forensics findings and reports.
  • Implements stakeholder engagement/communications plan.
  • Being the point of contact to drive all cyber incidents managed by CDC. 
  • Leading the development of analysis and response for security incidents on a global scale in areas such as data loss prevention, encryption technologies, and advanced persistent threat.
  • Oversee all aspects of incident management process from evaluation to resolution.
  • Operate outside normal office hours and being on call as necessary.


What are you bringing?

  • Successfully completed a BS.C in IT/Computer science degree or a similar degree
  • 10+ years of experience with Cyber Security related activities
  • 8 years of experience in leading a team of Security incident managers in a mature CSIRTS in a large corporation
  • Experience in dealing with cyber incidents and board escalations
  • Security project and program management experience
  • Proven experience in security operation and monitoring
  • Strong understanding & knowledge of regional and global market landscape and the respective customer
  • Being able to work with a diverse set of stakeholders in the organization from technical through board level
  • Strong written and verbal communication in English, German and Spanish
  • High level knowledge of security risk management process
  • Understanding of crisis management, business continuity and disaster recovery plans and procedures
  • Strong report writing and communication skills
  • Ability to manage projects, milestones, and deliverables for business-related objectives.
  • Ability to review, edit, and manage business critical documentation, requiring strong written and verbal communication skills
  • Ability to understand technical topics dealing with technical teams and explain and present them to management level executives
  • Being able to handle multiple competing priorities in a fast paced environment to proceed high priority tasks to a resolution
  • Strong track record of managing performance to deliver against challenging KPIs and continuous improvement initiatives.
  • Prior involvement in managing major cyber incidents
  • Relevant certifications such as CGIH, CISM  and CISSP
  • Familiarity with risk management and controls frameworks, cyber kill chain and NIST Incident response life cycle
  • Familiarity with related publications such as: NIST 800-61 (incident handling), SANS Incident Handling Handbook, NIST 800-30 (risk assessment), NIST 800-52 (controls)


Your benefits

Workplace: Modern and ergonomically equipped offices, as well as an open space and open desk model.

Communication: A smartphone of your choice (incl. contract) and the possibility to provide for family and friends is a matter of course for us.

Catering is taken care of: Free coffee specialties and water are at your disposal at any time as well as a canteen and a cafeteria.

Individual development: With a personal development plan and continuous training you will reach your goals with us. In addition, with "Beyond" you can also get a taste of other interesting areas by means of job or project rotations.

Retirement provision: Various models of retirement provision are available to you (e.g. capital-forming benefits, company pension scheme, etc.)

Social commitment: We are also involved outside the company, you have the opportunity to participate in Telefónica "Volunteering Days" or "Volunteering Holidays", for example.


How to apply and what else you should know?

Convince us with your meaningful curriculum vitae as well as corresponding certificates. You do not need a letter of motivation with us. Please note that applications are only possible via our applicant portal and applications by e-mail cannot be considered.


Do you have questions about our application process and are you interested in further information about the position? Then please contact the responsible recruiter.


Recruiter: Janis Martin Schippan



In case of same qualification, applicants (m/f/d) with severe disability will be preferred. All gender are equally welcome.