Bosch-HomeComfort
Information & Cyber Security Expert
Job description
Key Responsibilities:
- Information & Cyber Security:
- Representing the role of the Cyber Security Manager for assigned projects
- Main contact for the assigned sites or IT applications for the deployment of Information & Cyber Security standards.
- Planning and performance of Cyber Security Assessments (e.g. Security Audits, Risk Analysis).
- Delivery of standardized Cyber Security & IT Compliance services (e.g. Vulnerability Management, review of Operator Self-Checks, coordination of PenTests, Awareness Sessions, training, templates) for IT compliance partners, IT owners, managers and associates.
- Determination and reporting of the Cyber Security status to stakeholders (e.g. Plant Managers, IT owners).
- IT Risk & Compliance Management:
- Consulting and support in the implementation of sustainable and effective measures for risk mitigation and IT Compliance.
- Responsible for the inventory and appropriate follow-up of risks and respective measures to ensure timely closure of agreed-upon measures.
Support in the establishment of a positive IT risk-aware culture.
- Bachelor's degree in Information Technology, Computer Science, Information Security, or a related field.
- Total 10 years of experience, 3+ years of progressive experience in Information Security, Cyber Security for Enterprise IT, IT Risk Analysis or Audits.
- Proven experience in conducting comprehensive Cyber Security assessments or IT audits.
- Understanding of common IT control frameworks (e.g. ISO 27001, CIS) or Bosch IT regulatory requirements (e.g. CD09000, CD02900).
- Stakeholder-driven attitude to consult and support IT owners and head of departments
- Systematic approach as well as strong analytical and problem-solving skills with meticulous attention to detail.
- Advanced written and verbal communication skills, with the ability to effectively articulate technical concepts to diverse audiences.
- Ability to work independently and as part of a global team in a fast-paced, dynamic environment.
Strong presentation and training delivery skills.
Relevant industry certifications such as ISO 27001 Lead Auditor, CRISC, CISSP, CISM, CISA, or equivalent.


