IT Security Assessments Coordinator

Job description

IT Security Assessments Coordinator 100% (m/f/d)

Tasks

• Stakeholder Engagement: As central contact person for all penetration testing activities, coordination with internal stakeholders (Application Owners, Development Leads, Product Owners) and external security experts.
• Requirements gathering: Organize and lead meetings to gather the necessary technical and business context to accurately define penetration tests, ensure alignment between business requirements, technical constraints and security best practices.
• Vendor Coordination: Managing relationships with external penetration testing vendors, including communication, ensuring adherence to schedules and delivery dates, and reviewing terms of reference.
• Logistics & preparation: Coordination of preparatory activities, such as providing access, setting up the environment and ensuring all necessary documentation.
• Findings management: tracking identified vulnerabilities using our Jira and ServiceNow systems, following up with application and service owners to ensure timely remediation, providing guidance and answering questions about findings.
• Expert Liaison: Work closely with our senior security experts to ensure technical accuracy of test scopes, validate findings and escalate complex technical issues as required.
• Reporting & Communication: Regular updates and reports on the progress of penetration tests, findings, remediation status and key risk indicators to the Head of Security Compliance and other relevant stakeholders.

Requirements

Necessary requirements:

• Bachelor's degree in computer science, information security or a related field.
• 3+ years of experience in a project management or coordination role in an IT or security context.
• Proven ability to manage multiple projects simultaneously, with strong organizational and time management skills.
• Excellent communication (written and verbal), interpersonal and stakeholder management skills, with the ability to build relationships and influence outcomes.
• Basic knowledge of web application security concepts and the OWASP framework.
• Familiarity with the typical phases and methods of penetration tests.
• Experience with issue tracking systems (Jira preferred) for managing tasks and workflows.
• Highly reactive and proactive, with a commitment to timely communication and problem solving.

Desirable requirements:

• Basic knowledge of infrastructure security concepts.
• Experience in the financial services industry.
• German language skills.

We offer

No specific benefits or offers mentioned in the text.