Must have

• Security

• English (B2)

Requirements description

Qualifications & Competencies (education, skills, experience):

• Educational Background: A Bachelor’s or Master’s degree in information technology, cybersecurity, computer science, or a related field is essential, though relevant working experience may be considered an equivalent
• 3+ years of experience in cyber security, previous experience in a GRC role highly desired
• Proficiency in various cybersecurity tools and software, understanding of network infrastructure and security protocols, corporate IT operations, and knowledge of threat modeling and risk assessment techniques are helpful
• Practical experience information security in a consulting, corporate or government setting is valuable, along with familiarity with information security standards and frameworks such as ISO/IEC 27001 and NIST
• Certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) are desirable
• Demonstrated ability to work independently, positively influence others, develop or acquire new skills, and consistently achieve desired outcomes

Offer description

Responsible for developing and implementing, cyber security Governance, Risk, and Compliance (GRC) initiatives within Bayer by applying industry leading practice, measuring adherence to Bayer policies and procedures, assessing compliance of Bayer processes, monitoring critical IT security deliverables, and providing audit support for cyber security teams. Also responsible for delivering positive end-user experience in GRC matters and regularly engaging stakeholders to achieve desired outcomes.

Your responsibilities

1. Perform risk management activities to identify, assess, and mitigate cyber security risks for Bayer. These include owning and operating the cybersecurity framework, measuring the effectiveness of this framework and driving for the maturity and to support business needs
2. Develop and maintain key performance indicators (KPIs) and metrics to measure the effectiveness of GRC initiatives
3. Collaborate with cross-functional teams to integrate GRC principles into business processes and systems
4. Provide consulting across the organization on matters of cyber security GRC
5. Monitor regulatory changes and industry trends to ensure the organization remains compliant and proactive in addressing emerging risks
6. Act as a liaison with external auditors, and stakeholders on GRC-related matters

show all (15)