It Risk And Compliance Manager
IT Risk and Compliance ManagerWe believe in security by design and privacy by design and enabling our teams to proactively work with risk management and cybersecurity.
The IT Risk and Compliance Manager will work on the areas of Governance, Risk & Compliance to ensure cyber security and data protection across SAS operations.
In this role, you will be responsible for IT risk management including vendor risk management, data privacy policies and standards, governing risk management and data privacy processes, and ensuring compliance to these.
You are directly reporting to the Head of IT Ops and SecOps, and you are a vital part of the SAS Cybersecurity Skill Hub. As IT Risk and Compliance Manager, your main responsibilities are to:Work together with the different teams within Digital and IT to enable the teams to work more hands-on with risk management and cybersecurityDevelop and enhance cyber and data security policies, control objectives, controls, risk management processes and standards aligned with information security regulations, best practices, and frameworksOversee and drive the cyber risk management processes, incl.
cybersecurity controls follow-up and vendor risk management across SASAlign key stakeholders on cybersecurity policies, data privacy, guide and enable cybersecurity and data privacy practices across the organizationAssist with internal and 3rd party audits and address associated findings, such as EASA, IOSA and PCI-DSSOwn, develop and be system administrator of our IT risk and privacy management system OneTrustTo be successful, we believe you should have:A Degree in Information Security, Privacy Management, Information Systems or Computer Science is preferred or commensurate relevant work experienceMinimum of 5 years' experience with focus on regulatory compliance and involvement in either data privacy management or cybersecurity managementIn-depth knowledge and understanding of global privacy legislation (e. g. , GDPR)Knowledge and experience of cyber security standards.
Specific knowledge of NIST Cyber Security Framework seen as an advantageExperience in translating privacy and/or security regulations into workable and implementable policies and processesExperience in implementing enterprise IT risk and privacy management systems, experience from OneTrust seen as an advantageFluent in English, Swedish or other Nordic languages considered as an advantageExperience from aviation, e-commerce and/or from large enterprises seen as an advantageExperience from working in a developer intense organization close to development teams seen as an advantagePersonal qualificationsProfessional with a positive attitude and capable of contributing to a dynamic and team-oriented cultureStrong analytical and interpersonal communication skills, including the ability to communicate effectively and build consensus with teams across organizational linesIf you feel inspired by the position and feel this is the right challenge for your career, we are looking forward to receiving your application and CV!#LI-VK1 #J-18808-Ljbffr
Diventa il primo a rispondere a un'offerta di lavoro!
-
Perché cercare un lavoro con PostiVacanti.it?
Ogni giorno nuove offerte di lavoro È possibile scegliere tra un'ampia gamma di lavori: il nostro obiettivo è quello di offrire la più ampia selezione possibile Ricevi nuove offerte via e-mail Essere i primi a rispondere alle nuove offerte di lavoro Tutte le offerte di lavoro in un unico posto (da datori di lavoro, agenzie e altri portali) Tutti i servizi per le persone in cerca di lavoro sono gratuiti Vi aiuteremo a trovare un nuovo lavoro