Create New Account
Sign up to continue searching for suitable jobs in Web 3.0

OR
Terms of Use
Already have an account?

Log In to Your Account
Log in to continue searching for suitable jobs in Web 3.0

OR
Donā€™t have an account?
D-ploy
Security Risk Assessment Specialist
atĀ D-ploy
5 months ago | 185 views | 1 applications

Security Risk Assessment Specialist

Full-time
Switzerland

About the company

D-ploy is an IT and Engineering Solutions company with operations throughout the EMEA region including Switzerland, Germany, Czech Republic, Austria, UK, as well as the USA. We pride ourselves on delivering innovative and superior services and solutions to numerous industry-leading clients. By building relationships and trusted partnerships within the IT community, we optimize our customerā€˜s IT productivity and contribute to the organizationā€™s success and value. We are interested in talking to engaging, flexible, and solution-oriented individuals who are looking to become a part of a dynamically growing and international organization. We are focused on creating value where IT counts, join us!

Job Summary

Tasks and Responsibilities

šŸ“Support the design and improvement of the information security framework (ISF): policies, controls, procedures using the NIST Cyber Security Framework; including third party risk management. šŸ“Assess new and existing systems, data flows, business processes, and third party providers engagements and services to implement and verify compliance to the ISF reporting identified risks and issues to systems, processes and third party providers owners. šŸ“Perform information security risk assessments such as but not limited to: security business impact analysis (BIA) and business dependency analysis; security controls plans; controls maturity assessments; third party provider risk profiling, risk assessments and audits. šŸ“Maintains the information security risks and issues registers, deliver high quality reports and run information security committees meetings with business and IT mangement to manage risks. šŸ“Support the design and improvement of the third party information risk management policies, controls and procedures. Assist or lead assessment of information security risks arising from engagement with third party providers and drive remediation efforts. šŸ“Drive the design and implementation of a GRC platform including functional requirements, reviewing process designs, rolling out the new processes to the business and IT teams. šŸ“Support in the administration and maintenance of the GRC tool. šŸ“Design, improve and periodically report security key risk indicators and metrics to IT and business management to support continuous improvements and increase security maturity in our business processes. šŸ“Designs, and delivers the security education training awareness program (SETA) across all business functions. Manage external resources supporting the security awareness activities. šŸ“Desirable: Experience in implementing controls and managing compliance risks in regards to GXP regulated systems, data protection regulations such as EU and UK GDPR, CCPA, and cyber security regulations such as the EU NIS2, and the USA SEC Disclosure

Requirements.

šŸ“Minimun of 10 years of professional experience in information technology, at least 3 years as an information security risk manager, preferably in a pharmaceutical, biotechnology or in other manufacturing organizations. šŸ“Bachelorā€™s or Masterā€™s degree in information security, or in Information Technology. šŸ“Relevant information security professional certifications e.g. CISSP, CISM, CRISC, CISA, GSEC-GIAC, ISO 27001 auditor / practitioner. šŸ“Desirable: Training and or certifications in GRC platforms such as ServiceNow GRC, Archer, Metricstream; and the NIST Cyber Security Framework: Standards, Guidelines and Practises. šŸ“You are resilient and take accountability for delivering your work. šŸ“You are passionate about cybersecurity and is able to coach and help others who come from different backgrounds in information technology, compliance or information security domains. šŸ“You have a high level of personal integrity, ability to professionally handle confidential matters and convince others using appropriate level of judgment and maturity. šŸ“You have strong verbal and written communication skills in English, German is a plus. šŸ“You are a strong communicator: presentation and training, relationship management, consultation, negotiation. šŸ“You can work in a matrix and geographically dispersed organization. šŸ“All candidates must provide a Criminal record (not older than 3 months).

Similar jobs

about 6 hours ago | 7 views | Be the first one to apply
Full-time
Remote, United States, North America
$131,000 To $154,000 per year
8 days ago | 30 views | Be the first one to apply
Full-time
Palo Alto, North America
$170,000 To $210,000 per year
9 days ago | 33 views | Be the first one to apply
9 days ago | 38 views | Be the first one to apply
12 days ago | 62 views | Be the first one to apply
Full-time
Germany, Europe