- Conducting comprehensive risk assessments across various IT domains, identifying and analyzing potential risks and vulnerabilities.
- Utilizing ISO 27001 and SIG Methodology for thorough risk assessments on both internal and external entities within the organization.
- Collaborating closely with stakeholders to prioritize risks and develop effective mitigation strategies.
- Evaluating the cybersecurity posture of external suppliers and ensuring compliance with security standards and policies through collaboration with cross-functional teams.
- Reviewing and analyzing cybersecurity clauses in supplier contracts to ensure alignment with organizational security requirements.
- Negotiating and implementing security terms in supplier agreements in coordination with legal and procurement teams.
- Administering and maintaining the functionality of our GRC tool, customizing and configuring it to meet organizational cybersecurity and IT risk management needs.
- Collaborating with IT and cybersecurity teams to promote risk awareness and cultivate a culture of security within the organization.
- Providing training and support to end-users on the functionality of the GRC tool.
- Establishing and monitoring key performance indicators (KPIs) to track the security performance of suppliers.
- Conducting regular reviews and audits to ensure suppliers adhere to contractual security obligations.
- Minimum 6-8 years of professional experience working with GRC tools, preferably in small to medium-sized organizations.
- Previous experience with implementing and working with the ISO 27001 standard, demonstrating a great understanding of Information Security Management Systems.
- Certifications such as RISC, CISA, CISM, CRMA, CGRC are highly desirable.
- Effective communication and collaboration skills, with the ability to effectively engage with stakeholders at all levels.
- Strong analytical skills and attention to detail, with the ability to identify and assess cybersecurity risks effectively.
- Demonstrated ability to negotiate and implement security terms in supplier contracts.
- Experience in administering and customizing GRC tools to align with organizational requirements.
- A forward-thinking and goal-focused attitude, equipped to propel initiatives in a constantly evolving landscape.
- A bachelor's degree in information technology, Computer Science, or Cybersecurity, or an equivalent field, is advantageous for this position.
Cybersecurity Senior Specialist - Copenhagen, Danmark - WSAudiology
Beskrivelse
Driven by the passion to improve quality of people's lives, WS Audiology continues to grow as market leader in the hearing aid industry. With our commitment to increase penetration in an underserved hearing care market, we want to accelerate our business transformation in order to reach more people, more effectively.
About the Role: We are seeking a highly skilled Cybersecurity Senior Specialist to join our team. This role involves a strategic focus on enhancing our organization's IT risk management capabilities, particularly in the realm of cybersecurity. The relevant candidate will play a crucial role in assessing risks, developing mitigation strategies, and ensuring compliance with security standards across our global operations.
Responsibilities:
Requirements:
Personal Competencies: