Cybersecurity Senior Specialist

at  WS Audiology EMEA

Driven by the passion to improve quality of people’s lives, WS Audiology continues to grow as market leader in the hearing aid industry. With our commitment to increase penetration in an underserved hearing care market, we want to accelerate our business transformation in order to reach more people, more effectively.
About the Role: We are seeking a highly skilled Cybersecurity Senior Specialist to join our team. This role involves a strategic focus on enhancing our organization’s IT risk management capabilities, particularly in the realm of cybersecurity. The relevant candidate will play a crucial role in assessing risks, developing mitigation strategies, and ensuring compliance with security standards across our global operations.

REQUIREMENTS:

• Minimum 6-8 years of professional experience working with GRC tools, preferably in small to medium-sized organizations.
• Previous experience with implementing and working with the ISO 27001 standard, demonstrating a great understanding of Information Security Management Systems.
• Certifications such as CRISC, CISA, CISM, CRMA, CGRC are highly desirable.

WHO WE ARE

At WS Audiology, we provide innovative hearing aids and hearing health services.
Together with our 12,000 colleagues in 130 countries, we invite you to help unlock human potential by bringing back hearing for millions of people around the world.
With us, you will become part of a truly global company where we care for one another, welcome diversity and celebrate our successes.
Sounds wonderful? We can’t wait to hear from you.
WS Audiology is an equal-opportunity employer and committed to creating an inclusive employee experience for all. Regardless of race, color, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, disability, military or veteran status we firmly believe that our work is at its best when everyone feels free to be their most authentic self

• Conducting comprehensive risk assessments across various IT domains, identifying and analyzing potential risks and vulnerabilities.
• Utilizing ISO 27001 and SIG Methodology for thorough risk assessments on both internal and external entities within the organization.
• Collaborating closely with stakeholders to prioritize risks and develop effective mitigation strategies.
• Evaluating the cybersecurity posture of external suppliers and ensuring compliance with security standards and policies through collaboration with cross-functional teams.
• Reviewing and analyzing cybersecurity clauses in supplier contracts to ensure alignment with organizational security requirements.
• Negotiating and implementing security terms in supplier agreements in coordination with legal and procurement teams.
• Administering and maintaining the functionality of our GRC tool, customizing and configuring it to meet organizational cybersecurity and IT risk management needs.
• Collaborating with IT and cybersecurity teams to promote risk awareness and cultivate a culture of security within the organization.
• Providing training and support to end-users on the functionality of the GRC tool.
• Establishing and monitoring key performance indicators (KPIs) to track the security performance of suppliers.
• Conducting regular reviews and audits to ensure suppliers adhere to contractual security obligations.