IT RISK AND COMPLIANCE MANAGER (M/F/D)
Your vision is ambitious. Just like ours.
Our people are our success. As one of us, you will contribute to engineering excellence for the high-tech markets of the future, including semiconductors, batteries, pharmaceuticals, biotechnology, and data centers. At Exyte, you will be part of a global community of challenge seekers who are ambitious and passionate about innovation. Together, we will build on our company’s long history and keep on leading the way to a better world.
Discover your exciting role
The IT risk manager is responsible for establishing and maintaining Exyte’s overall IT risk management, which is designed to ensure that the company’s IT systems and information assets are adequately protected. The individual in this position is responsible for identifying, evaluating and reporting on IT and information security risks in a manner that meets Exyte’s regulatory and other compliance requirements. You will work proactively with the various business units and other internal departments and organizations to implement practices that meet Exyte’s defined policies and standards for information risk management.
Explore your tasks and responsibilities
- Manage all the risk-related activities of Exyte’s IT organization, including budgeting, planning, testing, reporting and recommending appropriate remediation measures
- Manage oversight and monitoring of risk mitigation and coordination of policy and controls with the different stakeholders to ensure that other managers are taking effective remediation steps
- Ensure IT compliance with the applicable legal regulations as well as internal corporate policies
- Benchmark the risk management practices of other companies — particularly those in related industries or with similar business models — maintain an up-to-date understanding of industry best practices, and monitor the legal and regulatory environment for developments that could require changes to Exyte’s established IT policies and practices
- Create, disseminate and (as required) update documentation of Exyte’s matrix of identified IT risks and controls
- Ensure that controls are adequate to meet Security Policies. Conduct assessments and audits based on laws and regulatory expectations (GDPR, SOX, NIST, CIS Critical Security Controls, etc.)
- Design and implement accurate and thorough governance gap assessments against applicable laws, rules, regulations, and industry practices
- Work directly with the business units and other internal departments and organizations to facilitate IT risk analysis and risk management processes, and identify acceptable levels of residual risk
- Design and conduct risk assessments
- Manage the oversight of technical risk assessments, such as vulnerability scanning and penetration testing
- Manage information asset and application risk assessments
- Conduct risk reviews for new applications
- Manage third-party risk assessments
- Facilitate business alignment and communications by forming an IT risk management steering committee or advisory board
- Review risk assessments, analyze the effectiveness of Exyte’s IT control activities and report on them — with actionable recommendations — to the CIO, the CISO, Corporate risk manager and IT managers
- Follow up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken
Show your expertise
- Minimum Bachelor of Science required, with a focus on IT- or IT-risk-related disciplines (for example, security, privacy, business continuity management and compliance).
- Basic knowledge of a broad range of standards and frameworks — for example, International Standards Organization (ISO) 27001, IT Infrastructure Library and ISO 20000, Capability Maturity Model Integration and Six Sigma.
- Knowledge of common risk management methodologies — for example, Control Objectives for Information and Related Technology (COBIT) and Committee of Sponsoring Organizations Enterprise Risk Management
- Excellent communication and presentation skills
- Fluent in English. German language is a plus
Our people are the cornerstone of our success, and I believe one of the most important investments we can make is to care for their well-being.
Dr. Wolfgang Büchele, CEO Exyte
Get more than just a job
Do you want to be part of the Exyte team? We are looking forward to receiving your application.
For further questions and information please contact us by phone +49 711 8804-4662. We are looking forward to meeting you.
Exyte Management GmbH
Vu-Vy Dao
Loewentorbogen 9b
70376 Stuttgart
Exyte is an Equal Employment Opportunity employer and is committed to equal opportunity and equal treatment. Therefore, Exyte Group provides equal employment opportunities to all qualified applicants regardless of ancestry, gender, sexual orientation, gender identity, race, color, religion, protected veteran or disability status, or genetic information.