The ITSO ensures the implementation of operational IS and IT security measures and requirements in the 1st line in accordance with the internal requirements established by the Risk Management function. In addition, the ITSO supports the CITSO in implementing operational IS and IT security measures within the central IT organization.
ITSO role outside the central IT organisation: An ITSO may be established in individual entities that are not supported by central IT. In this case, the ITSO is appointed by the local IT management and executes the tasks outlined in the CITSO role description. The local ITSO must collaborate with the respective ISO to ensure an effective ISM.
Duties and Responsibilities
Contributes to defining IT security requirements in alignment with relevant Group-wide norms
Supports the ISRM activities, providing expertise on risk assessment and treatment
Supports the conduct of IT security training and awareness measures.
Implements and maintains IT security requirements in alignment with the Group-wide norms related to IS and ISM
Designs and implements security measures based on the Group NFR Control Catalogue and the requirements of this Policy
Defines 1st line IT security relevant processes in alignment with 2nd line requirements
Designs and implements a sound technical security infrastructure by setting security architecture principles
Conducts regular or ad-hoc security assessments within the 1st line, such as Vulnerability Assessment and Penetration Testing (VAPT), to identify and remediate any vulnerabilities
Consults and supports the Control Implementation Responsible regarding the implementation of IT-related controls as well as risk-mitigating measures in the context of ISRM
Ensures proper conduct of control-based risk assessments for IT-related controls
Designs and implements IT training related to IS.
The ITSO further supports the 2nd line, especially in the following tasks:
Executes the security incident process and ensures proper involvement of the 2nd line according to the defined process
Monitors IS risks and reports significant or high risks to the ISO
Ensures that the responsible ISM function (e.g. ISO) is informed about IS incidents in a timely manner
Informs the responsible ISM function (e.g. ISO) about major projects with IS relevance, and provides additional necessary information upon request
Supports the implementation of awareness measures within IT.
Core Competences
Cybersecurity Fundamentals: Deep understanding of foundational security domains such as network security, encryption, vulnerability management, and incident response.
Risk Assessment & IT Risk Management: Ability to assess, classify, and mitigate IT and cybersecurity risks using recognised frameworks; includes policy development and risk analysis.
Threat & Incident Management: Competency in identifying, tracking, analysing, and responding to security threats and incidents. Knowledge of operational cyber defence processes is key.
Compliance, Governance & Auditing: Understanding regulatory, organisational, and industry security standards. Ability to conduct or support audits, ensure compliance, and advise on policy adherence.
Data Security & Access Control: Competence in applying controls to ensure confidentiality, integrity, and availability of information; includes access management, media control, and data lifecycle protection.
Security Tools Expertise: Hands-on experience with tools such as vulnerability scanners (e.g., Tenable) and endpoint / network monitoring systems.
Analytical & Problem-Solving Skills: Ability to analyse logs, detect patterns, identify vulnerabilities, and resolve security gaps. Often requires strong investigative skills.
Policy Development & Implementation: Competence in writing, updating, and enforcing cybersecurity policies, procedures, and security standards.
Communication & Leadership: Strong communication skills for advising stakeholders, training staff, and influencing security practices across the organisation. Leadership is essential for coordinating multi-team security functions.
Identity & Access Management: Proficiency in managing user accounts, access rights, identity systems, and privileged access controls.
Incident Response & Recovery: Ability to plan, execute, and evaluate incident response processes, including containment, eradication, forensics, and recovery.
Continuous Learning & Awareness: Staying current with cybersecurity trends, zero-day threats, and best practices; conducting security awareness training for staff.
Skills and Competencies
Customer Service Orientation: Provide excellent customer service, ensuring user satisfaction.
Technical Support Skills: Ability to troubleshoot and resolve user issues efficiently.
Communication: Communicate clearly with users and stakeholders, ensuring alignment on support processes.
Documentation Management: Maintain accurate and up-to-date support documentation.
Initiative & Continuous Improvement: Identify opportunities to enhance support processes and system reliability.