Principal IT Solutions Consultant – Information Security risk Management

Your IT Future, Delivered. Information Security Risk Management Consultant

With a global team of 5600+ IT professionals, DHL IT Services connects people and keeps the global economy running by continuously innovating and creating sustainable digital solutions. We work beyond global borders and push boundaries across all dimensions of logistics. You can leave your mark shaping the technology backbone of the biggest logistics company of the world. All our locations have earned the #GreatPlaceToWork certification, reflecting our commitment to exceptional employee experiences.

Digitalization. Simply delivered.
At IT Services, we are passionate about technology. Our Information Security Assurance team is continuously expanding. No matter your level of Information Security Risk Management proficiency, you can always grow within our diverse environment.

#DHL #DHLITServices #GreatPlace

Grow together.

Safeguarding the integrity of DHL's operations and ensuring compliance with regulations is at the heart of our mission. As an InfoSec Risk Management Consultant, you will provide expert day-to-day support for our Information Security risk management activities, playing a critical role in identifying, assessing, and mitigating risks that could impact our business continuity and reputation.

You will collaborate with a wide range of stakeholders—IT teams, compliance experts, service owners, and external partners—to ensure risk mitigation measures are clearly defined, practical, and aligned with the DHL Group Information Security Policy and Process Implementation Standards.

In addition to risk processing, you will also support the creation, review, and maintenance of Information Security Concepts (ISCs) for IT Services.

Your work will help ensure that:

• security controls and processes are properly defined and documented,
• roles and responsibilities are clearly assigned,
• risks and required controls are captured and linked to the security classification of data,
• operational processes (patching, change/release, incident handling, BCP) follow Group standards,
• technical and organizational measures meet DHL Group’s Information Security Target Model (ISTM) and policy requirements.

You will help service teams understand what needs to be documented and how to design an ISC that is complete, auditable, compliant, and aligned with Group security expectations.

When compliance issues or emerging threats occur, your clear and proactive communication will support timely resolution. You will also act as a trusted advisor for our internal Information Security Management System (ISMS), proposing and implementing required changes to keep our framework continuously improving.

Your expertise with risk methodologies, assessments, and awareness activities will help strengthen DHL's global risk culture and support teams in making informed decisions.

Ready to embark on the journey? Here’s what we are looking for:

Experience

• 7+ years in Information Security, IT Risk Management, IT Audit, or similar
• Practical experience with ISO 27001, NIST CSF, COBIT, or ITIL
• Hands‑on involvement in writing or reviewing structured security documentation (e.g., ISCs, ISMS procedures, policies)
• Experience working in a large, multinational IT environment

Expertise

• Strong understanding of risk assessment methods and security controls
• Ability to translate security requirements into clear, actionable guidance
• Skilled at working with technical and business stakeholders
• Fluent English (written and spoken)
• Certifications such as ISO 27001 Lead Implementer/Auditor, CISM, CRISC, or CISA

An array of benefits for you:

• Hybrid work arrangements to balance in-office collaboration and home flexibility.
• Annual Leave: 42 days off apart from Public / National Holidays.
• Medical Insurance: Self + Spouse + 2 children. An option to opt for Voluntary Parental Insurance (Parents / Parent -in-laws) at a nominal premium covering pre existing disease.
• In House training programs: professional and technical training certifications.