Be a key driver on BASF´s path to digitalisation by supporting existing products and initiatives as well as innovate additional digital solutions that supports BASF´s global businesses.
Role specific activities (what is expected of you):
The Cyber Security Risk Specialist is a development position within the Cyber Security Risk Management department. This individual will learn the Security Risk Management process (risk assessment, risk evaluation, risk mitigation and monitoring). This role will also focus on the creation of more efficient and actionable reporting of Security Risks within our GRC tool (RSA Archer).
The Cyber Security Risk Specialist is a support position of the team to assist with risk mitigations, exceptions and escalations within the risk management process.
Required (Education, Additional Qualifications and experience):
• IT, IT Security and IT Risk Management Experience (2 yrs)
• Strong knowledge of and ability to apply Risk analyses and evaluation, good practice and standard methods (incl. ISO 27005, 27001, COBIT)
• Bachelor´s degree is required; a degree in Information Systems or related discipline is preferred, combined with at least 2 years of experience in IT, IT Security, and/or IT Risk Management; advanced degree is a plus.
• Good communicative skills to explain and communicate complex risks and findings to various stakeholders in BASF (technical experts, risks analyst, management)
• Ability to communicate fluently in English (orally and in writing); basic capabilities in German language would be beneficial.
• Excellent structured analytical and problem-solving skills to
• understand Cyber Security risks
• follow-up on risk treatment plans and monitor their implementation
• learn from problems and identify potentials for improvements
• Commitment to work independently, dependably and to high-quality standards
• Excellent relationship building and collaboration ability to work well as part of a team
Nice to have (Education, Additional Qualifications and experience):
• Technical knowledge in enterprise IT (incl. web applications, databases, middleware, operating systems, networks ...)
- Experiencia: 2 años
- Tipo contrato: Indefinido
- Jornada: Jornada completa
- Salario: No especificado