Chief Information Security Officer (m/f/d)
Arx
Posted: October 1, 2025
Job Description
The Role:
We are seeking a strategic and experienced Chief Information Security Officer (CISO) to lead and oversee the organisation’s information security program. Reporting directly to the Chief Legal & HR Officer, the CISO will be responsible for developing, implementing, and maintaining a comprehensive information security strategy that aligns with industry and with ARX corporate objectives, regulatory requirements, and risk management practices.
The ideal candidate will be a collaborative leader with deep technical knowledge, proven strategic insight, and a strong understanding of relevant standards (e.g. ISO/IEC 27001), legal and regulatory compliance, and corporate governance frameworks in the defence and security sectors.
Key Responsibilities:
Information Security Strategy
• Develop, implement, and maintain an enterprise-wide information security strategy aligned with the corporate strategy and evolving risk landscape.
• Champion information security as a business and management issue across all levels of the organisation.
Governance & Accountability
• Define clear roles, responsibilities, and accountabilities for all aspects of information security within the organisation.
• Lead security governance initiatives and drive awareness and engagement at the executive and operational levels.
ISMS Implementation & Continuous Improvement
• Establish, implement, and continuously enhance the Information Security Management System (ISMS) in accordance with ISO/IEC 27001 standards.
• Guide risk assessments, internal audits, and corrective action processes to maintain and improve ISMS effectiveness.
Policy Development & Monitoring
• Develop, approve, and maintain security policies, standards, and procedures that support business operations while managing information security risks.
• Ensure consistent application and monitoring of security policies across the organisation.
Compliance & Risk Management
• Ensure compliance with all relevant legal, regulatory, and contractual requirements related to information security and data protection.
• Liaise with cross-functional teams to monitor and respond to evolving regulatory landscapes.
Security Controls & Oversight
• Introduce and manage appropriate security controls as defined in Annex A of ISO/IEC 27001, ensuring effectiveness and continual improvement.
• Oversee security technologies, incident response, threat detection, and mitigation strategies.
Your Profile:
• Proven experience in critical infrastructure industries such as defence, security, automotive, aerospace, or robotics.
• Professional certifications such as CISSP, CISM, ISO/IEC 27001 Lead Implementer/Auditor or equivalent.
• Minimum 8–10+ years of progressive experience in information security leadership roles.
• Demonstrated success in implementing and maintaining ISO/IEC 27001 ISMS in a complex business environment.
• Expertise in NATO AQAP / NATO Security Policy / IEC 62443.
• Strong knowledge of regulatory frameworks and information security risk management principles.
• Excellent leadership, communication, and stakeholder management skills.
• Experience working closely with legal, HR, and compliance functions is highly desirable.
• Fluency in English and German is a must.
Benefits and Perks:
• Competitive salary and benefits package
• A shaping role in an emerging dual-use company
• Opportunity to work with a highly innovative, international, and dynamic team
• Room for professional growth and development
• Participation in the company's success, with access to regular events, knowledge exchange and meetups