Information Sec. Officer - Governance
San Luis Potosi, MX, 78395

Objective of the position:
The Regional Information Security Governance (RISG) aligns the information security strategy with the protection needs of our critical information assets, external requirements and assessed risks. Further, he/she handles and challenges all kinds of information security incidents in close collaboration with the relevant stakeholders and reports to the CISO.

- Act as internal and external contact person within his/her own area of expertise (e.g., act as process interface between ISC and CISO for parts of information security subjects); cooperate in internal working groups (e.g., as an advisory function).
- Create internal publications (e.g., internal policies as required by ISO/IEC-27001 / TISAX, directive on the use of cryptographic measures, etc.), support external publications (e.g., in professional journals or at professional meetings, etc.) and present (internal).
- Recognize general need for continuing education in his/her own field within the company; plan and conduct internal and external training on complex topics, both domestically and in other countries (e.g., design and conduct awareness trainings, etc.).
- Support in determining and optimizing internal standards and complex processes within his/her own area of expertise (e.g., analyzing and optimizing existing processes/directives, identifying improvement potentials and risks according to technical developments and interactions with corporate security, functional units, internal instructions, etc.).
- Observe/identify trends in his/her area of expertise in order to develop concepts (e.g., public/private cloud, etc.); suggest recommendations for action (e.g., conduct market analysis on risks and/or security architecture, suggest technically secure further development, etc.).
- Conduct mainly conceptual activities within his/her area of expertise (e.g., development/preparation of directives and standards for information security), taking into account applicable requirements (e.g., laws, internal/external regulations, ISO/IEC-27001, TISAX, etc.).
- Consult in further development of one or more sub-areas of enterprise-wide information security in coordination with the CISO (e.g., working out concepts and initiating measures for improving information security).
- Design the policies and processes within information security (e.g., risk management, incident management, etc.) aligned with applicable corporate and group standards (e.g., classifying and processing risks within the risk2value process, internal audits according to definition, requirements from ISO/IEC-27001, TISAX, etc.).

Requirements:

Professional career:
- Experience with ISO27x series and TISAX: 3-5 years.
- Experience on audits as auditee and auditor: 3-5 years.
- Experience on global projects: 3-5 years.
- Experience with IT-OT/cybersecurity: 3-5 years.

Technical knowledge:
- Excellent knowledge of ISO27x series standards and TISAX framework.
- Broad expertise in information security and IT-OT/cybersecurity.
- Ability to challenge processes & projects for information security risks.
- Expert knowledge of cyber security architectures and state-of-the-art solutions.
- Ability to manage audits as auditee and auditor.
- Proactive attitude with continuous improvement mindset.
- Automotive knowledge is an advantage.

Languages:
- English: advanced level.

Continue with your professional development and apply now!