Cyber Security Risk & Compliance: Cyber Security Risk & Assurance Manager
Location: NL/Spain
Place of work: Hybrid
We are looking for a Risk and Internal Control Manager to join our team!
You will be part of the Cyber Security Risk & Compliance team, working closely with the other Cyber Chapters, business units, and business partners in identifying, assessing, and managing the cyber security risk management processes and cyber security continuous controls monitoring activities.
This role is a great opportunity to work with stakeholders at all levels in the organization, becoming a reliable partner, having visibility, exposure, and contributing to the success of the strategy.
Your key responsibilities:
Design, implement, maintain, and improve the main elements of the Cyber Security Risk & Compliance Framework in dsm-firmenich and the Cyber Security Continuous Control Monitoring process.
Facilitate, perform, and monitor Cyber Security related risk assessments.
Execute Test of Design (TOD) and Test of Effectiveness (TOE) with respect to Cyber Security controls.
Report & monitor on results of Risk assessments and TOE.
Support the deviation management process.
Support risk and/or control owners to enable them in managing their risks and controls effectively and efficiently, provide risk oversight, challenge, and advise on key decisions, participate in key projects, and pro-actively signal trends and related potential (new) risks.

We bring:
A space to grow by encouraging and supporting curiosity and an open mindset.
A flexible work environment that empowers people to take accountability for their work and own the outcome.
The opportunity to work for a company where sustainability is much more than a claim and is core to our strategy and purpose.
Barrier-free communities within our organization where every employee is equally valued and respected – regardless of their background, beliefs, or identity.
A rich history and a promising future of bold scientific innovation and passionate creation with our customers.
An eagerness to be one team and learn from each other to bring progress to life and create a better future.

You bring:
Master's in digital, IT, Cyber Security and/or Risk Management, Internal Control, or other relevant major.
Experience in Governance, Risk and Compliance (GRC).
Advanced understanding of Cyber Security Risk Management.
Advanced understanding of internal control and internal auditing.
Interest or experience in quantified risk management methodologies.
Understanding of the main standards with respect to information security and Cyber Security for Industry like ISO27001, NIST, IEC62443 etc., and able to apply them in practice.
Business understanding and partnering (Problem-solving mindset and skills; can-do mentality; influencing without authority; showing co-ownership).