*bat is looking for a professional in cyber security*
*role summary*
*what are the key objectives and expectations from this role?
*
maintain a working and strategic relationship with a designated drbu, in the area of cyber security.
be the partner for the drbu lt to quickly address the needs of the markets (like risk assessments, trainings, incidents); but also to ensure key cyber resilience initiatives are implemented there.
this may include, but is not limited to: ot deployments, cyber hygiene / vulnerability management, awareness campaigns, risk management, incident communication.
work with other cyber security teams ("back-office") to make sure they deliver relevant and timely services to the markets.
maintain security expertise in a designated domain like finance, supply chain, marketing, trade systems or system integrations.
*what is the direct impact of this role on the team or organization?
*
shaping security posture of several markets.
influence the lts to consider cyber security as a vital ingredient of their projects, explain risks and enforce remediation (or acceptance).
*accountabilities*
- be the 1st contact for security matters for drbu.
align priorities of cyber security tasks / project and communicate them back to cyber security team.
represent cyber security on drbu and lower levels.
- deliver aligned cyber security kpis in a designated drbu.
coordinate and execute actions needed to be on target
- translate business requirements to relevant cyber security team members offering and organize delivery in a market
- risk assessments and advisory for projects coming from your drbu or other regional / global projects within the domain of your expertise.
reassessments of risks after agreed time, to ensure continuous cyber safety
- drive global or regional security projects linked to your area of expertise
- management of cyber risk with appropriate drbu stakeholders
- if applicable, deployment of ot security projects withing the drbu / the region
- if applicable, ownership for tools and processes linked with risk assessment and assurance globally (tab, dpsq, onetrust, flexible assurance, self-assessments).
*experience, skills, knowledge*
*essential experience*
- 5+ years of professional experience in information security with a record of increasing scope and responsibility
- experience managing and communicating with business partners on different levels, up to director level
- ability to translate technical language into readily understandable language for business users
- experience assessing cyber risks of projects, vendors and technologies
- experience with and understanding of information security management, technologies, architecture and audits
*technical, functional and leadership skills*
- deep, end-2-end security knowledge accompanying at least one business area: manufacturing, finance, marketing / ecommerce, hr, legal, supply chain, sales / trade, physical security.
- understanding cloud and saas configuration management and risk reduction (focus on azure and aws) and how to protect and detect potential threats in those environments
- ability to think clearly, prioritise and make decisions under time-sensitive and high-pressure conditions
- business acumen, ability to articulate both businesses, commercial and technical ideas clearly and simply
- documented pm experience in the area of security or it (small to medium projects)
*beneficial*
- budget and resource planning: provide relevant and validated input and forecast to plan and execute projects and programs
- architecture and engineering, including cloud experience
- law enforcement or corporate investigations experience
- audit / regulatory experience