Head of EL Cyber Governance, Compliance & Enablement
Social network you want to login/join with:
Head of EL Cyber Governance, Compliance & Enablement, Darmstadt
Client:
Location:
Job Category:
Other
-
EU work permit required:
Yes
Job Reference:
e10651ec3df2
Job Views:
2
Posted:
01.04.2025
Expiry Date:
16.05.2025
Job Description:
As the Head of Cyber Security Governance, assurance, and risk management, you play a pivotal role within the Electronics (EL) cyber security team, reporting directly to the EL CISO. Your responsibilities include tailoring corporate cyber security structures to EL's needs, supporting on an operational level, and ensuring constant alignment with Merck corporate cyber security. Your role is crucial in protecting Merck EL information assets and maintaining a robust cyber security posture.
Key Responsibilities:
- Develop and enhance risk management, compliance, and governance frameworks, aligning with industry best practices and regulatory requirements.
- Lead teams in developing and maintaining cyber security procedures, standards, and risk management frameworks, including third-party security risks.
- Ensure compliance with legal, regulatory, and industry requirements (e.g., GDPR, ISO 27001, NIST CSF, IEC62443).
- Implement a comprehensive cyber security training and awareness program.
- Develop KPI frameworks, dashboards, and reports.
- Provide strategic guidance for advanced IT/OT and cyber risk management practices.
- Collaborate with Merck EL CISO, corporate cyber security, and Regional and Site Cyber Security Managers.
- Oversee risk mitigation efforts, including third-party alignment with defined risk appetite.
- Evaluate third-party vendors' security posture.
- Measure and adjust awareness program effectiveness.
- Present risk-related reports to senior leadership.
Who you are:
A minimum of 8 years of experience in cyber security, with at least 3 years in a leadership role focused on cyber security governance, risk management, and compliance.
Strong analytical and problem-solving skills with the ability to assess complex security issues and develop effective solutions.
Proven experience in developing and implementing cyber security policies, procedures, and standards.
Familiarity with frameworks and standards such as ITIL, CoBiT, NIST CSF, ISO/IEC 27001/27002, and IEC62443.
Extensive experience in developing and implementing risk management frameworks, conducting risk assessments, and managing third-party security risks.
Strong background in regulatory compliance, including conducting and managing audits.
Information security certifications in CISM, CISA, relevant ISO certification, Sarbanes-Oxley, Data Privacy laws, or PCI is a plus.
Knowledge of IT and OT infrastructure, architecture, and security tools.
Understanding the specific security challenges and regulatory requirements of the chemical and semiconductor industry, including production facilities, is a plus.
Excellent verbal and written communication skills in English (German is a plus).
EL-BP-ICG Cyber Governance, Compliance and Enablement RL/4
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
einen besseren Job
