Cybersecurity and Privacy GRC Specialist
We are a community of solvers combining human ingenuity, experience, and technology innovation to help organisations build trust and deliver sustained outcomes.
Our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.
The Role
This is what you can expect:
Areas of Responsibility
As part of the Cybersecurity and Privacy team, you will work on a variety of cybersecurity and privacy GRC topics and on various types of client engagements.
You will face exciting challenges at the crossroads between laws and regulations and information security. As part of our interdisciplinary team, you will advise clients on the implementation of relevant legal requirements.
Broad Spectrum
Your focus lies on DORA, the Cyber Resilience Act, NIS2, the EU AI Act, and Data Privacy Laws (EU & CH).
You will assess the maturity of clients with laws and regulations concerning cybersecurity, data privacy, and/or other digital domains, perform gap assessments, assess risks, and propose measures to reduce risks and draft recommendations.
Responsibility
We will give you the opportunity to take responsibility and work independently within the scope of the tasks assigned to you.
* You have a Master's or bachelor's degree or an equivalent professional qualification in law, business administration, or computer science. Additional certificates such as CIPP/E, CIPM, CIPT, AIGP, ISO/IEC 27001 Foundation, or SSCP are a plus.
* You have at least 2 years of relevant experience with the topics described above.
* You are knowledgeable about laws and regulations on cybersecurity and privacy of the EU (and also ideally of Switzerland) and possibly other jurisdictions. You understand their impact on globally operating companies that have to comply with the requirements of multiple jurisdictions.
* You have a solid foundational understanding of IT and Cybersecurity.
* You can work from high-level legal requirements to detailed measures, operationalizable actions, and pragmatic implementation efforts.
* You have a high degree of initiative, self-organization, and sense of responsibility.
* You have strong verbal and written communication skills to interact effectively with all levels of management and staff.
* You are fluent in English and (ideally) also in German and/or French.
Required Skills
Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture.