Chief Information Security Officer (all genders)

Work Your Magic with us!  

Ready to explore, break barriers, and discover more? We know you’ve got big plans – so do we! Our colleagues across the globe love innovating with science and technology to enrich people’s lives with our solutions in Healthcare, Life Science, and Electronics. Together, we dream big and are passionate about caring for our rich mix of people, customers, patients, and planet. That's why we are always looking for curious minds that see themselves imagining the unimaginable with us.  

This role does not offer sponsorship for work authorization. External applicants must be eligible to work in the US. 

Your Role:

As Chief Information Security Officer, you will report directly to the group’s Chief Security Officer and lead the company Information Security Office, an emerging organization of about 60 FTE. You set the future vision for a comprehensive digital and non-digital information security strategy. You are responsible for shaping and managing the global information security landscape and process. You serve as a strategic advisor on security, compliance, and risks in all company data, IT, and OT activities and projects. You define the group-wide policies in line with industry best practices, applicable laws and regulations. Internally and towards third parties, you proactively conduct, follow-up and report to senior management and executive board members on risk and threat analyses ensuring protection of the company and compliance with information security policies. You interact with, coordinate and drive information security related topics and projects with cross-functional interface partners. You engage with business stakeholders to identify acceptable levels of risk and to raise awareness of risk management concerns. With your team you provide central security services to all sectors, support business projects in following the security processes and achieving their security objectives, drive the information security risk management processes, measure and report on information security, detect and manage vulnerabilities and incidents, and provide security awareness and trainings.

Key Responsibilities:

• You are the trusted advisor and in-depth investigator on all security related topics and act as trusted interface with the whole security ecosystem of the company.
• You manage the corporate-wide information security management program and serve as the process owner of all central security activities related to the availability, integrity, and confidentiality of information assets and define the company's information security policies.
• You set priorities for the global information security program which are mission-critical for the company.
• You regularly report on the status of the information security program to the group CSO, CIO, sector management, sector manufacturing heads and executive board
• You interact with cross-functional stakeholders to ensure the consistent application of policies and standards across all relevant projects, systems, and services
• You develop, implement, and monitor a strategic and comprehensive information security risk management program, in line with the corporate risk management framework.
• You design prevention programs for threats and exposures.
• You provide leadership to the information security organization and guide it to ensure consistent, high-quality information security management supporting business goals
• You influence relevant stakeholders in a matrix organization to significantly drive information security topics and raise awareness of risk management concerns.
• You contribute to current knowledge and create a future vision for structure, people, processes and technology to ensure data and system security.
• You engage and represent the company central information security function in external committees and networks, towards government and law enforcement authorities.
• You support the organization in preparation on how to respond to information security incidents, and guide the Corporate Crisis Management Team in an actual crisis with the technical expertise.

Who you are:

• Master’s degree in Computer Science, Engineering or equivalent, PhD is a plus
• 10+ years of experience in IT, OT, risk management, information security, and compliance in a global environment.
• 5+ years Team leadership experience in a multinational environment
• Information security certifications in CISSP, CISM, relevant ISO certification, Sarbanes-Oxley, Data Privacy laws, or PCI is a must.
• Black Belt in Lean and Six Sigma is a plus.
• Broad knowledge of industry cybersecurity standards and trends, and global frameworks, such as ISO/IEC 27001, NIST, CoBiT, IEC 62443, etc.
• Experience in incident response, data, application, and infrastructure vulnerability management.
• Interest and knowledge in emerging technology, changes, and innovations in information security.
• Excellent verbal and written communication skills in English (German is a plus).

What we offer: We are curious minds that come from a broad range of backgrounds, perspectives, and life experiences. We celebrate all dimensions of diversity and believe that it drives excellence and innovation, strengthening our ability to lead in science and technology. We are committed to creating access and opportunities for all to develop and grow at your own pace. Join us in building a culture of inclusion and belonging that impacts millions and empowers everyone to work their magic and champion human progress!
 
Apply now and become a part of our diverse team!

If you would like to know more about what diversity, equity, and inclusion means to us, please visit https://www.emdgroup.com/en/company/press-positions.html