Designing, establishing, managing, and advancing an information security management system (ISMS) in line with ISO/IEC 27001 and BSI baseline protection, Preparing decision papers on information security to provide tactical and strategic support for the Executive Board and chief information officer (CIO) of TU Berlin, Defining and implementing information security objectives and protection requirement analyses in close coordination with the chief risk officer (CRO) of TU Berlin to ensure holistic risk management, Providing technical and security-related expertise to support the CIO in the strategic alignment of IT security, Establishing, updating, and operational implementation of emergency management (emergency preparedness and emergency plans) for information security risks and cyber incidents in coordination with Campus Management (ZECM) and the CRO to ensure business continuity, Representing TU Berlin in relevant committees on information security, including national and international networks and cooperation with CERTs and authorities, Advising and supporting the CIO, Campus Management, the University Library, and the faculties on security-specific issues such as cybersecurity risks, compliance (EU GDPR, German IT Security Act) and the implementation of security standards and best practices for technical and application-specific IT operations with the support of the University's Computer Emergency Response Team (TU CERT), Developing and managing TU CERT for proactive threat detection, incident response and forensics, and cooperating with other CERTs and authorities, Coordination in the event of information security incidents and support in managing them, including crisis management and recovery measures together with TU CERT and in close coordination with the CIO, Reporting on the status quo of information security to the Executive Board and relevant stakeholders, including defining and monitoring KPIs, Advising and supporting TU Berlin employees on information security issues, Creating suitable training materials and implementation of security awareness training courses to raise awareness among TU Berlin employees, Advising and support in the development and implementation of modern security concepts such as Zero Trust, Identity and Access Management (IAM), cloud security, and AI-based security solutions
