We are seeking a highly skilled Senior Cybersecurity Specialist to join our team. This role involves a strategic focus on enhancing our organization's IT risk management capabilities, particularly in the realm of GRC and Control Audits. The successful candidate will play a crucial role in assessing control compliance, developing mitigation strategies, and ensuring GRC adoption across our global operations.
What you will do
Audit and Compliance:
- Conduct detailed cybersecurity audits to ensure compliance with ISO 27001, ISO 31000, and NIS2 standards.
- Develop and implement audit plans, procedures, and checklists.
- Identify and document control deficiencies and provide recommendations for remediation.
- Monitor and report on compliance status, ensuring timely resolution of identified issues.
Risk Assessment:
- Perform risk assessments to identify, analyze, and evaluate cybersecurity risks.
- Develop risk management frameworks and strategies in alignment with ISO 31000.
- Collaborate with stakeholders to prioritize and address identified risks.
- Maintain risk registers and ensure continuous monitoring and reporting.
Control Compliance:
- Ensure the implementation and maintenance of effective security controls in line with ISO 27001 and NIS2 requirements.
- Develop and update security policies, procedures, and guidelines.
- Conduct control testing and validation to ensure effectiveness.
- Provide guidance and support to various teams on compliance requirements and best practices.
Training and Awareness:
- Conduct training sessions and awareness programs on cybersecurity policies, standards, and best practices.
- Keep abreast of the latest cybersecurity trends, threats, and regulations.
- Promote a culture of security awareness and compliance across the organization.
What you bring
Experience
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Professional certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor, or similar.
- 8-10 years of experience in cybersecurity GRC, with a strong focus on ISO 27001, ISO 31000, and/or NIS2.
- In-depth knowledge of cybersecurity frameworks, standards, and best practices.
- Experience in the healthcare or medical device industry is a plus.
Personal competencies
- Excellent communication and interpersonal skills, with the ability to work effectively with diverse teams.
- Strong analytical, problem-solving, and decision-making skills.
- Demonstrated ability to negotiate and implement security terms in supplier contracts.
- Experience in administering and customizing GRC tools to align with organizational requirements.
- A forward-thinking and goal-focused attitude, equipped to propel initiatives in a constantly evolving landscape.
We can offer
- Growth: we have a training budget for you, access to the LinkedIn Learning platform, and the possibility to work with modern technologies within a med-tech company.
- Stability: work in a well-established company with over 100 years of experience in producing hearing aids.
- Diversity: work in a truly global environment with the possibility for cross-collaboration.
Who we are
At WS Audiology, we provide innovative hearing aids and hearing health services.
Together with our 12,000 colleagues in 130 countries, we invite you to help unlock human potential by bringing back hearing for millions of people around the world.
With us, you will become part of a truly global company where we care for one another, welcome diversity and celebrate our successes.
Sounds wonderful? We can't wait to hear from you.
WS Audiology is an equal-opportunity employer and committed to creating an inclusive employee experience for all. Regardless of race, color, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, disability, military or veteran status, we firmly believe that our work is at its best when everyone feels free to be their most authentic self.