The Elevion Group (member of the CEZ Group) is an international company headquartered in Prague and Amsterdam, employing over 5,000 people and generating revenues of around €1 billion. As a leading European provider of end-to-end decarbonisation and energy efficiency solutions, Elevion Group leverages its unique structure and pioneering spirit to deliver scalable capabilities across projects of varying sizes and complexities. Operating in more than 13 European markets—including the Netherlands, Germany, Austria, Italy, Poland, Romania, and Hungary—through over 80 highly specialized independent companies, the Group combines local expertise with the financial strength of a major international organization.

The role is ideally suited to an Information Security Officer who is process-driven and motivated to develop in-depth, hands-on expertise in modern IT and security platforms, including XDR, vulnerability management solutions, Azure cloud security, and advanced phishing awareness and risk management tools.

This position operates within the second line of defense and reports directly to the Chief Information Security Officer of the Elevion Group.

Kindly note that this role is located at the Elevion Group Prague office.

YOUR IMPACT

• You strengthen cybersecurity and information security governance across designated German entities within the Group.

• You ensure the effective implementation of Elevion Group security policies and standards in assigned companies.

• You lead NIS2 compliance initiatives and provide transparency on the compliance status of all in-scope entities.

• You advise and support management in identifying, assessing, and mitigating information security risks, enabling informed decision-making.

• You contribute to and help shape Group-wide security initiatives, driving alignment and continuous improvement.

• You proactively identify security risks, escalate them where necessary, and ensure that effective remediation plans are defined, implemented, and monitored.

• You safeguard operational resilience by overseeing and continuously improving Business Continuity (BCP) and Disaster Recovery (DRP) frameworks.

• You enhance the organization’s security culture by implementing initiatives that raise employee awareness of cyber threats and best practices.

• You establish and maintain regular assessments of cybersecurity maturity and effectiveness.

• You develop, maintain, and continuously refine cybersecurity policies, procedures, and documentation.

• You assess vendor and third-party security posture to reduce supply chain risk.

• You coordinate penetration tests, vulnerability scans, and follow up on remediation activities to strengthen the overall security posture.

• You actively contribute to the design and evaluation of impactful security awareness campaigns.

YOUR PROFILE

• You hold a university degree in Information Security, IT, Computer Science, or a related field.

• You bring at least three years of professional experience in cybersecurity and information security.

• You have a solid understanding of relevant industry standards and frameworks in information security and risk management.

• You possess strong knowledge of security technologies, as well as key security concepts and principles.

• You have sufficient technical IT expertise to engage confidently and effectively with IT teams.

• You demonstrate excellent communication skills and can translate complex technical topics into clear, business-friendly language.

• You are fluent in English and German; additional language skills are an advantage.

• You are curious and motivated to continuously expand your knowledge and stay current in the evolving cybersecurity landscape.

• You are characterized by loyalty, reliability, and a strong sense of responsibility.

• Professional certifications such as CISSP, CISM, CISA, or comparable qualifications are considered a plus.

WHAT WE OFFER

• Performance-based bonuses

• Vouchers for sports, culture, and leisure activities

• Contributions to health and insurance plans

• Team-building and company events

• Discounts on company products

• Opportunities for personal and professional development

• Flexible working hours

• Five weeks of annual leave

• Meal vouchers

You will be provided with a company laptop and mobile phone.

Candidates must be able to provide a valid work permit for the country of employment without requiring support for a work visa sponsorship.

Elevion Group does not accept unsolicited resumes from headhunters or recruitment agencies. We do not pay fees to third-party agencies or companies that do not have a signed agreement with Elevion Group.