Business Information Security Advisor - Berlin, Deutschland - Cox Automotive

Cox Automotive

Geprüftes Unternehmen

Berlin, Deutschland

vor 3 Wochen

Geschrieben von:

Lena Wagner

beBee Recruiter

Beschreibung

Hybrid

Department:

The Enterprise Risk & Security team is a core part of the Cox Automotive Enterprise Technology team.

The team is responsible for providing Information Security expertise and delivering the Information Security Strategy and initiatives across the Cox Automotive Europe business.

These initiatives vary across a broad scope from the definition and delivery of technology security requirements to management of information security risk, governance, and compliance.

Role:

You will be working with stakeholders across the business, technology, and our Global Enterprise Risk & Security team to provide Information Security expertise across all areas of Information Security.

You will be comfortable working with technology teams to define and implement the appropriate security controls as well as being comfortable identifying, documenting, and providing mitigation plans for Information Security risk.

You will also be contributing to the vision and strategy for Information Security moving forward working closely with the Global Enterprise Risk & Security teams to implement security initiatives across the European business.

Using specialist expertise to work closely with Engineering teams (software & infrastructure), to ensure the appropriate security controls are applied across our technology
Work closely with the business to ensure secure practices & processes are understood and embedded
Tracking and reporting on the remediation of vulnerabilities across our technology
Working within Project teams to identify and consider security requirements within the project
Working with the technology teams and wider business to identify, document and report Information Security risks
Identifying process and technology improvements to improve Cox Automotive UK security posture
Scheduling and tracking of Penetration testing across our environments
Managing responses of Customer Information Security assessments
Design and deliver Information Security training via webinars, face to face sessions and other means as and when required
Promoting good Security practices across the business
Conducting assessments of Information Security incidents

Skills:

A passion for security with a background in technology
Experience & knowledge of Information Security Management Systems & Cyber Security frameworks (ISO27001, NIST, CIS)
A good understanding of technical & nontechnical security controls and the ability to articulate these in technical & nontechnical manner
Holding or working towards an industry recognised qualification (CISSP, CISM, CEH)
An understanding of the Payment Card Industry Data Security Standard (PCI-DSS).
A high level understanding of the GDPR
Comfortable working with stakeholders across the business, technology & clients at all levels
Excellent written and verbal communication skills
A self starter that can get things done.

STRICTLY NO AGENCIES PLEASE:

We work with a carefully selected set of recruitment agencies and we're not looking to add to our PSL.

We do not accept unsolicited agency CV's sent to the recruitment team or directly to the hiring manager. We will not be responsible for any fees related to unsolicited CV's

**#INDTR