Cybersecurity Risk Management and Data Governance - Cham, Schweiz - VARO Energy

VARO Energy
VARO Energy
Geprüftes Unternehmen
Cham, Schweiz

vor 1 Woche

Lena Schneider

Geschrieben von:

Lena Schneider

beBee Recruiter
Beschreibung
Cybersecurity Risk Management and Data Governance Manager


Hours:100% - entry by agreement


Country:

Cham (Switzerland)
The Position:


To strengthen and mature the cybersecurity capabilities within our team and across the wider organization, we are looking for an Cybersecurity risk management and data governance manager to assist in driving the tactical execution of VARO's Cybersecurity Risk management and data governance program.


You will work closely with VARO's IT, OT and Engineering teams, alongside enterprise functions (Legal, HSSE, Internal Audit, etc.) and other business stakeholders to identify, assess, manage, monitor, and report on technology, cyber and data security risks; ensure that VARO's critical data assets are adequately protected commensurate with identified risks and to govern and enforce compliance with VARO's risk and data governance policies, processes and standards.


  • If you have extensive IT Risk management or Enterprise data governance experience and are looking for a role where you will have significant impact, that will present new challenges and allow you to grow your career, we want you to be part of our Team.
Based at our offices in CHAM you will be reporting to the Head of Information Security and Infrastructure.

The role requires you to drive the management, implementation and compliance with VARO'S Cyber risk management and data governance framework and provide an organizational view of cyber, data security and technology risks.


Alongside this you will be proactive in developing and enhancing existing policies, procedures and mechanisms for managing risk, cyber resilience and data governance.


This includes conducting cybersecurity risk assessments, ensuring that organisational data remains consistent and trustworthy and does not get misused, facilitating cyber incident response testing exercises across production and corporate environments, establishing a cyber-risk taxonomy, defining and implementing a quantitative risk methodology and associated processes, building and maintaining the technology risk register and implementing metrics and dashboards that provide transparency on compliance and progress status.

The position requires a forward-thinking and self-motivated individual with strong customer orientation and proven delivery experience, who is

  • Structured, thorough, precise with a goaloriented personality with strong verbal and written communication skills, who can manage multiple crossdepartmental stakeholders to generate advocacy and solve complex, multifaceted challenges
  • Thinks strategically and effectively and can develop key processes, procedures and communications that facilitate crossfunctional implementation of risk management processes and risk reporting.
  • Possesses strong business judgment, deep analytical thinking, is comfortable managing multiple responsibilities within a fastpaced environment, and has worked collaboratively with others to develop, implement, and communicate risk management and data governance strategies.
  • Can drive effective teamwork, communication, collaboration and commitment to meet objectives
  • A handson team player, able to work autonomously, with an exceptional ability to create, lead creation of, and manage technically precise documentation, with patience to give and receive feedback to make iterative improvements over time.
  • Has a thorough understanding of a broad range of technical concepts relevant to cloud computing environments: logical access control, agile development process, secure coding principles, security architecture, information security, network security, and privacy

Key Responsibilities

Risk management

  • Improve and maintain an effective information security policy and risk framework
  • Engage with key IT and Business stakeholders to understand business processes, critical data and systems, security risk posture, and risk appetite.
  • Collaborate with technology, business and enterprise stakeholders to identify, assess and manage technology and cybersecurity risks through the entire lifecycle in line with Risk appetite
  • Conduct Security Assessments and Reviews of Solutions, Vendors, Services and Contracts
  • Maintain comprehensive view of information security and technology risk in a master risk register
  • Devise effective information security performance indicators and provide monthly reports and dashboards to provide visibility to areas of risk and progress on response plans, to drive compliance to policies and risk appetite
  • Engage regularly with other riskmanaging teams (Enterprise Risk Management, Operational Risk Management, Internal Audit, Privacy, etc.) to ensure alignment;
  • Promote adoption of risk management processes by collaborating and providing risk consulting and/or facilitating security awareness training

Data Governance

  • Partner with riskmanaging and master data management teams to establish data governance policies, processes, standards and best practic
Mehr Jobs von VARO Energy
Alle Jobs von VARO Energy anzeigen