Information Security Risk Manager

As Hungary’s most attractive employer in 2025 (according to Randstad’s representative survey), Deutsche Telekom IT Solutions is a subsidiary of the Deutsche Telekom Group. The company provides a wide portfolio of IT and telecommunications services with more than 5300 employees. We have hundreds of large customers, corporations in Germany and in other European countries.

DT-ITS recieved the Best in Educational Cooperation award from HIPA in 2019, acknowledged as the the Most Ethical Multinational Company in 2019. The company continuously develops its four sites in Budapest, Debrecen, Pécs and Szeged and is looking for skilled IT professionals to join its team.

As an Information Security Risk Manager, you will be part of a centralized information security governance team providing security risk management services across multiple Deutsche Telekom legal entities. The role focuses on operating and continuously improving the information security risk management framework, while supporting and enabling local risk managers through consultation, training, and professional use of GRC tools. You will contribute to transparent risk reporting, effective risk mitigation, and harmonized governance practices in a complex, multinational environment.

 

Your Tasks

• Operate and continuously improve the information security risk management process, methodologies, and related policies
• Ensure alignment with group-level security standards and governance requirements
• Support the integration of risk management into business and IT processes

• Act as a trusted advisor for supported legal entities on information security risk topics
• Train and upskill local risk managers on risk processes, methods, and policies
• Provide hands-on guidance during risk identification, assessment, and treatment

• Support professional usage of the GRC platform by local risk managers
• Assist in risk creation, maintenance, and lifecycle management within the tool
• Collect user feedback and represent business needs toward process and tool improvements

• Identify, create, and manage information security risks in cooperation with stakeholders
• Monitor and support risk mitigation actions, including follow-up on progress and effectiveness
• Ensure risks are properly documented and audit-ready

• Prepare and maintain Top 10 risk reports, quarterly risk summaries, and ad-hoc reports
• Define, monitor, and analyze risk KPIs and metrics
• Provide management with insights on risk trends and improvement areas

Qualifications

• Bachelor’s or Master’s degree in Information Security, Computer Science, Engineering, Business Informatics, or a related field
• High-level English language knowledge (spoken and written)
• At least mid-level German language proficiency

• 3–7+ years of experience in Information Security / Cybersecurity / Risk Management / GRC roles
• Experience in large enterprise or multinational environments

• Strong understanding of information security risk management frameworks (e.g. ISO 27005, NIST RMF)
• Knowledge of information security standards (e.g. ISO 27001, NIST, CIS)
• Ability to apply security governance principles in practical, business-aligned ways

• Strong communication and stakeholder management skills
• Ability to explain security and risk topics in business-friendly language
• Structured, proactive, and solution-oriented mindset

Additional Information

• Experience in training, coaching, or enablement activities
• Experience working in a shared service or internal consulting model is an advantage
• CRISC, CISM, CISSP
• COBIT, ITIL or similar governance-related certifications
• Hands-on experience with GRC tools (e.g. ServiceNow, Archer, OneTrust, or similar)

*Please be informed that our remote working possibility is only available within Hungary due to European taxation regulation.

* Please be informed that our remote working possibility is only available within Hungary due to European taxation regulation.