Head of Cyber Strategy & Technology (f/m/d)

Step out of your comfort zone, excel and redefine the limits of what is possible. That's just what our employees are doing every single day – in order to set the pace through our innovations and enable outstanding achievements. After all, behind every successful company are many great fascinating people.

In a spacious modern setting full of opportunities for further development, ZEISS employees work in a place where expert knowledge and team spirit reign supreme. All of this is supported by a special ownership structure and the long-term goal of the Carl Zeiss Foundation: to bring science and society into the future together.

Join us today. Inspire people tomorrow.

Diversity is a part of ZEISS. We look forward to receiving your application regardless of gender, nationality, ethnic and social origin, religion, philosophy of life, disability, age, sexual orientation or identity.

Apply now! It takes less than 10 minutes.

Welcome to ZEISS – a company that combines innovation and responsibility! Our corporate functions are diverse and make a decisive contribution to the strategic orientation and sustainable success of ZEISS.

The Head of Cyber Strategy & Technology is responsible for leading the global function responsible for the development, review, and implementation of the ZEISS Cyber Security Strategy. This role is central to enable the organization by setting strategic direction and a holistic cyber security architecture for ZEISS.

Through the translation of strategy into actionable roadmaps and artifacts, this function provides clear guidance to the global ZEISS organization, enabling impactful execution, global alignment and measurable risk reduction. By leading efforts identify and consolidate gaps, prioritizing initiatives, and fostering a joint vision, it drives effective strategy implementation and cyber resilience against evolving threats and risks.

Your Role

• Strategy & Leadership: Take ownership of the ZEISS Cyber Security Strategy and Architecture, ensuring state-of-the-art cyber capabilities and priorities that align with the needs of ZEISS. Lead the definition and orchestration of the strategy lifecycle, closely integrating it with the global business strategy and digital transformation initiatives. Drive communication, accessibility, and alignment of the cyber strategy and architecture with relevant stakeholders to enhance coherence, efficiency, and impact.

• Cyber Security Enterprise & Domain Architecture: Establish cohesive cyber architecture principles, target pictures, and roadmaps across security domains, ensuring state-of-the-art cyber capabilities across infrastructure, product and operations. Drive alignment with Enterprise Architecture to maintain consistency and integration of security aspects. Continuously refine the security architecture by proactively identifying gaps and driving solutions to address them.

• Strategy Execution: Drive the execution of the strategy by defining and implementing target operating models for cyber capabilities, considering technology, processes, and organizational aspects. Work closely with operational teams to ensure effective implementation and deliver measurable outcomes for ZEISS, lowering cyber risk to acceptable levels. Continuously monitor and report on the progress of strategy execution.

• Strategic Advisory & Enablement: Provide strategic advisory and guidance to ZEISS and its business units, enabling the effective adaption and implementation of the cyber strategy. Ensure a continuous feedback loop by gathering real-world insights and leveraging them to refine and adapt the strategy for improved outcomes. Collaborate with adjacent teams to describe and refine controls that realize the desired strategic outcomes.

• Innovation & Trend Scouting: Lead a structured exploration of emerging technologies and industry developments to guide the proactive adoption of next‑generation security capabilities. Continuously monitor evolving threats, technologies, and global trends to refine strategic direction and adjust priorities accordingly.

• Cyber Security Analytics & Reporting : Embody the data-driven mindset and enable data-driven decisions across all levels by integrating available data sources and aggregating them to meaningful dashboards that support informed decision making across all management-levels.

• Red Teaming & Pentesting: Lead a robust red teamining and penetration testing program across ZEISS to proactively challenge the cyber architecture and capabilities of ZEISS' infrastructure, product and operations. Provide consolidated and actionable insights to strengthen cyber posture and reduce risk across ZEISS.

• Leadership & Development: Functionally and disciplinarily leading a global team with high strategic relevance, this role fosters a culture of collaboration, innovation, and accountability within their team. The role involves leading and developing a high-performing global team, providing clear direction, mentorship, and opportunities for professional growth. By promoting an inclusive and empowering environment, this leadership position is a role model for ZEISS values and strategic goals, while driving engagement and motivation across the organization, cultivating strong relationships with stakeholders to achieve shared success.

Your Profile

• Advanced degree in Information Security, Information Systems, Cyber Security, IT Security, Engineering, Security Engineering or a related discipline (Bachelor's or Master's degree) or an equivalent mix of education and professional experience.

• Proven professional experience in cyber security across multiple fields with related senior or leadership roles across global organizations.

• One or more relevant and current information security certifications from an established organization (such as CISSP, CISM, CRISC, CISA, ISO/IEC27001 Lead Auditor or Implementor or equivalent).

• Proven track record in developing and executing enterprise‑wide cyber security strategies, including translating strategic goals into actionable roadmaps and target operating models.

• Demonstrated experience in designing and governing holistic cyber security architectures across IT, product, and operational environments including the systematic identification and closure of gaps.

• Leadership experience in shaping, maturing, and implementing cyber capabilities across people, processes, and technology.

• Extensive experience advising senior leadership and business stakeholders on cyber strategy, synergetic security services, architectural decisions, and strategic priorities.

• Proven ability to assess emerging trends and developments and translating them into strategic direction and capability requirements.

• Experience in leveraging offensive security strategies to challenge capabilities and assess resilience of infrastructure, product, and operational environments. Demonstrated ability to translate findings into architectural improvements and strategic control enhancements.

• Experience in functionally and disciplinarily leading international and global teams within a business or technical environment, demonstrating a proven track record of strategic planning, team development, and operational excellence.