Beschreibung
Job Code: 2101T15AGerman speaking proficiency is required for this role
Responsibilities:
1. Implement the remediation activities necessary to raise the maturity level of Information Security, Physical Security and security awareness at site to ensure compliance with the TISAX requirements
2. Undertake information security risk assessments and implement the necessary remediation actions to mitigate the risks
3. Ensure a strong local alignment from the site with the information security team.
4. Create and implement local process and process and procedures, feeding back to global InfoSec areas and the TISAX programme where improvements or updates could be made.
5. Act as a local ambassador for the global InfoSec team and deliver information security communications and training sessions on the changes and requirements needed at the local sites for TISAX compliance
6. Gain local management commitment and resources to support the TISAX programme and Information Security requirements
7. Become a credible and recognized information security point of contact at site to influence at all levels. Educate the business functions and interact successfully with all oversight functions(risk, audit, legal, procurement, etc.)
8. Provide Information Security Expert consultancy and advice
9. Deliver a local security training and awareness programme, including translation of global policy and process in local language, promoting key messages using a range of communication tools such as roadshows, forums, leaflets, intranet, etc.
10. Monitor the IT and Information Security risks at local level, keeping local management and global InfoSec informed.
11. Contribute to and manage the production of management level security related reports
12. BE a member of the site incident response team, taking the lead on all information security and IT Security Matters
13. In close collaboration with the global InfoSec team, manage the security assurance and accreditation of 3rd party suppliers.
Must Have :
1. Previous proven experience in Information Security with Evidence of influencing and implementing major information security cultural changes.
2. Experience and Knowledge of recognized frameworks and standards. e.g. TISAX ISO27000
3. Experience of physical security measures and their implementation
4. A degree in computer science, IT Security or a related field.
5. Experience in undertaking information security risk assessments, implementing remediation actions and producing metrics.
6. A good awareness of IT and OT Security Technology and best practices.
7. The ability to conduct gap analysis, summarize results and produce remediation plans.
8. Excellent stakeholders management and collaboration skills, with the ability to work across teams and departments at all levels.
9. Good Communication skills and the ability to get messages across to users at all levels, making use of a range of communication methods and techniques, to communicate information security and risk related concepts to both technical and non-technical audiences
10. Ability to work on own initiative and meet personal timescales whilst successful working as part of a global team and actively contributing to overall team objectives
11. Good organizational skills and attention to detail
12. Excellent English and local language written and oral communication skills
Good To Have :
1. A recognized information security certificate, e.g. Certified Information System Security Professional(CISSP), Certified Information Security Manager(CISM).
2. Knowledge of applicable data privacy practices and laws(EU GDPR)
Experience of working in the automotive sector