Head of Information Security GRC (m/f/d)

We are the world market leader for reusable packaging containers (RPCs) for fresh food and are constantly optimizing our products.

We help make the food supply cycle for the population more sustainable. With our RPCs, safety for food transport is improved, there is less waste of food and at the same time the lifespan of the products increases. Through our products and the need for less packaging materials we reduce the carbon footprint.

„The future is circular“

Key responsibilities:

• Security Governance & Risk Management – Oversee and enhance IFCO’s information security policies, standards, and governance processes, including robust risk management frameworks.
• Cyber Risk Coordination – Connect asset owners with risk owners to identify, assess, and mitigate cyber risks across the organization.
• Compliance & Certifications – Maintain IFCO’s compliance with client, regulatory, and certification body requirements (e.g., ISO standards), ensuring readiness for audits and renewals.
• Performance & KPI Tracking – Develop, monitor, and report on key performance indicators to measure and improve the organization’s security posture.
• Third-Party Risk Management – Lead the assessment and monitoring of external vendors to ensure compliance with IFCO’s security requirements.
• Training & Awareness – Design, implement, and deliver user awareness programs to strengthen security culture and best practices.
• Client Engagement – Prepare accurate and timely responses to client security questionnaires, proposals, and tenders, supporting both renewals and new business.
• IT Disaster Recovery – Maintain and enhance the IT Disaster Recovery Program to ensure business continuity.

We expect:

• Proven Risk Management Expertise – Extensive experience in IT and/or information security governance, with a strong focus on risk management processes.
• Extensive Professional Background – Several years of experience in governance functions (IT, PMO, ideally in a senior GRC role) and some years in information security risk management.
• Recognized Certifications – CRISC or equivalent in risk management, plus CISM, ISSMP, CCISO, CGEIT or similar credentials in information security management and governance.
• Analytical & Strategic Mindset – Strong ability to evaluate quantitative aspects of security and risk (e.g., packaging, shipping, shrink, labor) and translate insights into actionable strategies.
• Self-Starter Mentality – Independent, proactive, and results-driven, with a “can do” approach and the ability to work effectively in a matrix environment.
• Communication & Relationship Skills – Excellent presentation, negotiation, and stakeholder management skills, with the ability to build strong business relationships at all levels.
• Language Proficiency – Fluent in English; German and Spanish or additional languages are a strong plus.

We offer:

• Make a difference where it matters – Play a key role in a sustainable and future-proof industry.
• A culture of appreciation and respect – Join an international team where collaboration thrives.
• Flat hierarchies, fast decisions – Your ideas matter and drive real change. 
• Work your way – Enjoy hybrid work and workation options. We provide everything you need for effective remote work.
• Delicious & healthy meals – Weekly changing menus from our online canteen Bella & Bona, subsidized by IFCO. 
• Unlimited learning opportunities – Access to unlimited LinkedIn Learning. 
• Support when you need it – Our Employee Support Program.
• Modern office – open office spaces, modern and digital devices.
• Boost your energy – Free beverages and a modern fitness centre to keep you going.
• Car parking and seamless transport connections – Enjoy underground parking and a train station (S7) right next to our door.

At IFCO, we believe that a diverse, equitable and inclusive workplace makes us a more relevant, more competitive, and more resilient company. We welcome applicants from all backgrounds, ethnicities, cultures, and experiences. IFCO is an equal opportunity employer.