Hitachi Energy is seeking a Cybersecurity Specialist - GRC. The hiring manager is prioritizing skills and experience over physical work location. As a Cybersecurity Specialist - GRC, you will work on projects for the (further) development of the Hitachi Energy Information Security Management System (ISMS) in accordance with ISO 27001. You will conduct risk and protection needs analyses and support the implementation of compliance requirements in the context of information security. You will support conducting security assessments and documenting vulnerabilities, as well as conducting awareness campaigns for information security. If you are looking for big, global challenges, this is the place to be. Hitachi Energy's portfolio includes some of the most advanced and powerful products and systems. To help us work more efficiently, you need to understand the power and potential of Information Technology and have a passion for information security. If you have the energy, discipline, and the motivation to succeed, you will find almost limitless opportunities to stretch your thinking, expand your horizons and build your skills.
You will support all aspects of ISMS audit life cycle, including documentation of each implementation and evidence collection for auditing purposes.
You will build / maintain local relationships within different geographical locations.
You will work with stakeholders to produce ISMS status reports regularly, document corrective actions, track remediation and report progress.
You will work closely with local area contacts to identify Information Security control processes and associated ownership.
You will understand and implement all aspects of the ISO 27001:2013 and ISO 27001:2022 standards.
You will work with local area contacts and management for risk handling and acceptance.
Living core values of safety and integrity, which means taking responsibility for your own actions while caring for your colleagues and the business.
Relevant University Degree and at least 5 years of hands-on experience in Information Security and risk management.
Overall, the ideal candidate will have at least 8 years of professional experience.
CISSP, CISM, CISA, or CRISC certification is preferred.
Excellent written and verbal communication – English being the primary business language.
In-depth knowledge of the ISO 27001:2013 and ISO 27001:2022 standards as well as the ISO 27000 family of standards, including implementations, citing specific roles and responsibilities.
Ability to scope, conduct and analyze audits based on controls frameworks.
Experience in conducting on-site audits and managing the entire lifecycle for risk treatment and corrective action plans.
Willingness to travel 20%.
|Location||Baden, Aargau, Switzerland; Helsinki, Uusimaa, Finland; Krakow, Lesser Poland, Poland; Milano, Milano, Italy; Charleroi, Hainaut, Belgium; Mannheim, Baden-Wurttemberg, Germany; Vaesteras, Vastmanland County, Sweden; Rotterdam, South Holland, Netherlands|
|Position||IT, Telecom & Internet|