Key Responsibilities:
* Develop and Maintain a Comprehensive Security Framework: Create and maintain a modern, enterprise-wide security architecture for IT and OT systems that aligns with ISMS and business objectives.
* Threat and Vulnerability Assessment: Conduct thorough threat and vulnerability assessments, implementing effective mitigation strategies to ensure the security of our systems.
* Security Incident Management: Manage the security incident management process as part of our company-wide business continuity plan. Handle security incidents to minimize disruption and ensure timely restoration of operations.
* Security Monitoring and Analysis: Monitor and analyze security alerts using SIEM tools and other systems. Investigate, document, and respond to security breaches, providing detailed post-incident analysis.
* Continuous Improvement: Lead the continuous improvement of the incident response process in collaboration with internal and external stakeholders.
* Cybersecurity Awareness: Conduct group-wide security awareness campaigns to educate employees on cyber risks such as phishing and social engineering.
* Vulnerability Management: Perform regular vulnerability assessments and coordinate remediation activities. Provide regular internal communications to promote security-conscious behavior.
* Information Security Consultation: Coach and consult business units on all aspects of information security.
Requirements:
* Education: Higher education in information security, with a focus on technical security (e.g., IT security)
* Certifications and Training: Preferably, additional training in OT security topics. Certifications and further education in information and IT security are highly valued.
* Experience: At least 3 years of practical experience in a comparable position, ideally in an international industrial company. At least 5 years of proven, hands-on experience in implementing information security concepts based on international standards/best practices (e.g., IEC 62443), ideally in an international industrial environment.
* Skills: Comprehensive, up-to-date InfoSec knowledge, including technology. Proven experience in leading international security projects, primarily on a technical level. Experience in cybersecurity incident detection and response, with or without SOC support.
* Language Skills: Fluency in English is essential.
* Travel Requirements: Willingness to travel internationally on occasion.
We Offer:
* A Challenging Environment: A challenging environment in a global company that leads the industry.
* Flexible Work Arrangements: Limited remote work is possible; however, residing close to our manufacturing sites is preferred.
* Attractive Employment Conditions: Attractive employment conditions, professional development, and career growth opportunities.
* Collaborative Team Culture: A collaborative and forward-thinking team culture.