Reporting professionally to the Head of Cybersecurity (HQ) and managerially to the local HR Russia, the Regional Cybersecurity Manager will be responsible for defining the local roadmap in the region, taking into consideration local Cybersecurity needs and the overall Cybersecurity strategy, in coordination with Cybersecurity Department in the HQ.
He/She is in charge of identifying and gathering these specific local Cybersecurity needs, addressing them through the implementation and management of local projects. He/She supports the deployment and enforcement at local level of the global Cybersecurity procedures, methodologies and technologies and periodically evaluates effectiveness and efficiency of Cybersecurity processes at local level.
Обязанности:- Harmonize the definition of objectives and development roadmap for each Cybersecurity process and service (i.e., risk assessment, vulnerability assessment, cybersecurity awareness, etc…) in the region, in coordination with the overall Cybersecurity strategy.
- Address local Cybersecurity needs and identify local improvement areas through the implementation and management of projects, enhancing local Cybersecurity levels in accordance with the HQ's directives.
- Collect local Cybersecurity requirements, their priorities, and their high-level feasibility, through well-maintained communication channels with local stakeholders, and share them with the global Cybersecurity Team.
- Ensure the global Cybersecurity requirements are integrated in IT\Business\OT processes at local level.
- Guarantee the cybersecurity of the local industrial plant and supply chain.
- Support and ensure the deployment and upkeep of Cybersecurity methodologies, processes, and technologies at local level, coordinating Cybersecurity efforts towards projects completion.
- Evaluate and ensure compliance with local and technical requirements for acquired and developed Cybersecurity tools, policies, and procedures.
- Monitor local Cybersecurity threats and vulnerabilities, providing support in the constant evaluation of the Cyber Risk at local level, supporting also incident management for events with impact at local level.
Требования:
Experience:
- 6+ years of experience in a similar position or in Cybersecurity consultancy and cybersecurity system integrators. The candidate should have experience in working, dealing, and liaising with local stakeholder (technical and non-technical), with the goal of managing a region or local Business area as a point of contact for central Cybersecurity in the organization; the candidate should further have experience in maintaining relationships with the relevant local stakeholder and in establishing contact when nonexistent.
- Outstanding analytical and conceptual skills.
- Experience in Manufacturing and/or Food & Beverage Environment is considered a plus.
Knowledge:
- General Knowledge of main IT and OT (Operational Technology) cybersecurity topics, as to coordinate local activities with the entire Cybersecurity team and each competence center, such as:
- Knowledge of main Cybersecurity technologies (firewalls, IDS/IPS, SIEM, EDR, Vulnerability Scanner);
- Familiarity with OT concepts (e.g. PLC, DCS, SCADA);
- Good knowledge of Cybersecurity international standards, law and regulations (e.g. ENISA, NIST, GDPR, ISO27000) or otherwise main international and local laws and regulations interesting Cybersecurity, with awareness of the main critical points to reach their compliance;
- Knowledge of compliance assessments related to a local scope, against major standards with direct or indirect implications for Cybersecurity (e.g. PCI, HIPAA, NIST, GLBA and SOX);
- Knowledge of Cybersecurity incidents response, for what regards coordination with a central Defence and Response Team;
Education: MS in Information Technology or a related field. Professional certifications are considered a plus:
- ISC2 CISSP: Certified Information Systems Security Professional
- CISM: Certified Information Security Manager
- CISA: Certified Information Systems Auditor
- ISO/IEC 27001:2013 Auditor/Lead Auditor
- Other equivalent certification.
Foreign languages:
- Business fluent written and spoken English.
- Any other language is considered a plus.
Availability to travel: For business purposes, the Regional Cybersecurity Manager might be required to travel for short-term assignments (estimated up to 5−10% of time in business trip).
Условия:
The Company offers an attractive compensation package including base salary, bonus, medical insurance, and other benefits.
