Global Chemical Manufacturing company is looking for a GRC Senior Analyst for their new technological hub in Barcelona. At Hays, we are experts in the job market and have been promoting the world of work in Spain for more than fifteen years, and more than fifty years globally.
The Company:
We are helping to recruit talent for a high growth Multinational Company with Headquarters in Switzerland, leader in the Chemical Business sector. It is a leader organization in Microbial Control Solutions (MCS) and specialized Product Solutions (SPS), offering a wide portfolio of products aimed at a variety of end markets. Our client's MCS business is a world leader, targeting six target markets: hygiene, home and personal care, paints and coatings, crop protection, material protection, and wood protection. MCS draws on industry-leading regulatory expertise, the broadest set of bioactives, and the widest range of registrations in the world, which are critical to maintaining the integrity of its customers' products.
The Project:
Currently, our client is opening a new Technological Hub from scratch in the plain centre of Barcelona and they are looking for an Information Security GRC Senior Analyst with deep knowledge and experience in risk management, information security governance, risk, and compliance, and process development. This role will interface with various cross-functional stakeholders and ensure that information security controls are defined, documented, and aligned with adopted frameworks, policies, and compliance requirements. Security risks are identified, tracked, and managed, and adopted internal controls are regularly monitored for effectiveness and compliance with the goal of continuous process improvement.
Your Responsibilities:
Perform enterprise risk assessments, report results to management, and establish/leverage formal risk tracking and acceptance processes. Develop information security and data privacy policies, standards, and procedures; routinely review and update governance documents. Establish information security and data privacy internal control mappings and ensure alignment with adopted security and compliance frameworks. Monitor established control effectiveness and track security control completion (e.g., based on frequency). Perform third party service provider/vendor risk assessments. Perform routine user access and entitlement reviews, including identification of segregation of duties conflicts. Develop data privacy program data inventory and maintain cross-border data flow maps. Track penetration testing remediation efforts to successful remediation as validated by subsequent follow-up testing. Provide documentation and research assistance, as needed, during information security incident response scenarios. Perform research related to emerging solutions and methodologies that will help the organization reduce risk and evolve with a changing threat landscape. Additional duties, as assigned by CISO (e.g., assisting Information Security Engineer and/or Information Security & Privacy Manager). What you need to Apply:
Experience adopting and implementing risk management, cyber security, and compliance frameworks (e.g., ISO 27000-series, Swiss Data Protection Act, EU GDPR, GxP). Technical background with a good understanding of security concepts and practical usage (e.g., Network Engineering, Network Security, Threat and Vulnerability Management, Database, SDLC, and Release Management). Knowledge of, or experience working with, cloud technologies/environments, including evaluating and implementing controls on Infrastructure as a Service (IaaS) environments. Analytical thinker with strong organizational skills; attention to detail. Prior use and knowledge of GRC tooling (e.g., SAP GRC or similar). Broad knowledge of both information technology and computer security issues, requirements, trends, and industry practices. What do we offer:
A stable contract directly with our client. Competitive salary and additional benefits. The chance to participate in one of the most innovative and pioneer technological projects in the chemical manufacturing sector. A hybrid working model with flexibility. The opportunity to join a global chemicals company having a role with international visibility.
#J-18808-Ljbffr