Cloud Information Security Risk Manager
Are you a driven Information Security professional who is able to timely identify and assess risks and propose mitigating controls? Do you have a focus on cloud initiatives to advise on risks in regards to Information Security and compliance aspects? Then this might be the job for you!Functieomschrijving
- Performing Information Security risk management activities in cloud initiatives;
- Provide risk mitigating controls and guidance to the DevOps teams;
- Report to risk owners on residual risks;
- Contribute to improving means and methods related to our focus domains;
- Align with other cloud security competences (IT and Business) within the security community;
- Perform, advice and follow up on generic risk assessments and identified risks;
- Drive mitigation of agreed controls;
- Update the D&E security risk register;
- Ensure compliance to security policies and standards;
- Alignment with IT (-security) on controls and activities required.
- A Bachelor degree and relevant education in Information Security, Audit and or Cloud;
- At least 3 years of relevant experience in Information Security risk management;
- Experience with the ISO27001 risk management framework;
- Solid knowledge on IaaS and PaaS (information) security risks (preferably on Microsoft Azure and Google Cloud Platform);
- Fluent in English, both verbal and written;
- Nice to have: possession of valid industry certifications (CISM, CISA, CISSP, CRISC, CCSP, etc);
- Nice to have: Solid DevOps (SAFe) and project management understanding.
OrganisatieomschrijvingOur client is an innovative leader in the semiconductor industry, where enabling groundbreaking technology to solve though challenges is paramount of their vision. You will be working within the R&D domain which includes Development & Engineering (D&E), System Engineering, Intellectual Property and the Business Lines. This department is responsible to keep Information Security risks within the R&D risk appetite by identifying, assessing, driving mitigation and monitoring execution.
As Cloud Information Security Risk Manager you are responsible to Ensure Information Security risks do not exceed the risk appetite by timely identifying and assessing risks and propose mitigating controls conform best practice, policies and standards. Besides that, you identify gaps, propose improvements and update or create policies. Furthermore, you align with other cloud security competences (IT and Business) within the security community. This way you are able to perform, advice and follow up on generic risk assessments and monitor the required security controls.
- Excellent salary;
- Extensive secondary conditions;
- Travel allowance;
- A coach who guides you in your personal development;
- 50 euro's a month on top of your salary as a contribution for your health insurance;
- Employment of 12 months with the option to extend.