Information Security & Business Continuity Officer

MAKRO is the Portuguese subsidiary of the METRO Group, a leader in the large-scale distribution market. We are present in 25 countries and our purpose is to live the passion for Portuguese gastronomy, bringing its diversity to the world.

We are a global company that operates locally. Our products and services set the standards for the future: customer focus, technological innovation and sustainable business models. We are the HoReCa channel's partner of excellence.

Diversity and Inclusion are essential values at METRO and are integral to our success. By promoting a culture of respect, fairness and equal opportunities, we create a work environment where all our employees can feel valued and respected.

That's why at makro you have "m formas de acrescentar valor". It is with this motto that we celebrate who we are, how we work and the power of our "m", which represents the best there is in our team and the positive impact that, every day, we create together.

As Information Security & Business Continuity Officer, you will ensure that the proper governance is in place in the respective local entity to align the information security strategy with our business strategy and to support the respective local entity to implement the needed organizational and technical measures to manage risks and regulatory obligations and to increase the overall level of maturity in regards of Information Security.

Responsabilities:

• Implement and adapt the METRO AG ISMS to secure the adherence of the local organization and partners to METRO AG ISMS, guidelines and requirements related to Information Security;
• Plan and coordinate the execution of IT and IS risk assessments (including Third-party risks);
• Develop and implement yearly action plan to reduce risks level and increase maturity level aligned with METRO continuous improvement process and ambitions set by METRO AG Board;
• Develop and execute awareness campaign and targeted training for all business functions in the local organization;
• Report IT and IS related information (risks, incidents, and KPIs) to the CISO organization;
• Oversee and coordinate incident response crisis management in relation to information security in collaboration with the CISO organization at METRO AG;
• Support the Legal department with evaluation of relevant information security local laws and regulations;
• Collaborate with the local Data Protection Officer (DPO) and Local Security Officer (LSO) to define, manage and improve relevant interfaces;
• Manage the contact with local cybersecurity agencies (if needed)​;
• Implement and adapt the Business Continuity Management (BCM) Plan of METRO AG to the local organization;
• Report information and activities related to the definition and execution of the local business continuity plan to the BCO of METRO AG;
• Supervise and coordinate crisis management and incident response in collaboration with the local organization and the CISO/BCO of METRO AG;
• Perform local information security assurance activities (pen-testing, etc.) and business continuity activities (training, testing, etc.);

Qualifications: 

• Bachelor's or Master's degree in Management, Computer Engineering, or Security.
• More than 2 years working in large companies/group;
• Proficient in English;
• ISO 27001 certification (should be a plus);
• ISO 22301 certification (should be a plus);
• Project track record in similar position;

Apply now and let’s shape the future together!