Cyber Security Governance Expert (all genders)

Posté 08 nov. 2022

Darmstadt, Hessen - Germany

Demander un identifiant 255956

 

A career at our company is an ongoing journey of discovery: our 60,300 people are shaping how the world lives, works and plays through next generation advancements in Healthcare, Life Science and Electronics. For more than 350 years and across the world we have passionately pursued our curiosity to find novel and vibrant ways of enhancing the lives of others.

 


Your Role: The Cyber Security Governance Expert position is an integral member of our Group Cyber Security organization. In this role, you will lead the development of our company’s Cyber Security Governance Policy and Control Framework in line with industry standards, regulatory requirements, and best practices to protect confidentiality, integrity, and availability across our company’s IT and OT assets, software-based products, and applications. As a member of the Cyber Security Strategy, Governance, Assurance, and Risk Management team, your main responsibilities are:

  • Lead the development and enhancement of the Cyber Security Governance Policy and Control Framework in line with industry standards, regulatory requirements and best practices
  • Promote stakeholder consensus on the Governance Policies and Controls to guide good Cyber Security hygiene and staff behaviors across all domains of IT, OT, IoT and software-based products
  • Partner with management and assist them in implementing a sustainable Cyber Security Governance program
  • Work with business professionals around the globe to raise awareness for and assist them in interpreting the Cyber Security standards
  • Conduct Cyber Security audits and control effectiveness reviews (also with external partners) to verify and ensure that stakeholders throughout Merck adhere to relevant Cyber Security requirements

 

Who you are:

  • Bachelor’s degree or equivalent in intelligence studies, computer science, engineering or related field.
  • Minimum of 5 years experience with a focus on industry standards and regulatory requirements (e.g. ISO/IEC 27002, TÜVIT Trusted Site Infrastructure (v4), PCI DSS, CIS CSC, NIST SP 800-64 R2, HIPAA or KRITIS / B3S PHARMA)
  • Strong analytical and interpersonal communication skills, including the ability to communicate effectively and build consensus with teams across organizational lines
  • Demonstrated experience across multiple information security domains preferred (e.g. IT, OT, IoT and products)
  • Expertise in conducting Cyber Security audits (also with external partners) with the ability to derive and implement actions in order to close identified gaps in alignment with affected business areas
  • 1 or more industry-recognized security, or audit professional certifications (e.g. CISA, CISM, CISSP, CCSP)
  • Professional with a positive attitude and capable of contributing to a dynamic and team-oriented culture
  • Fluent in English, additional language skills (e.g. German) considered as an advantage

What we offer: We are curious minds that come from a broad range of backgrounds, perspectives, and life experiences. We celebrate all dimensions of diversity. We believe that it drives excellence, innovation, and human progress. We care about our customers, patients, and our rich mix of people. This diversity strengthens our ability to lead in science and technology. We are committed to creating access and opportunities for all and empower you to fulfil your ambitions. Our diverse businesses offer various career moves to seek new horizons. Join us in building a culture of inclusion and belonging that impacts millions and empowers everyone to bring their curiosity to life!

Postuler