We are seeking for a Security Governance Specialist with decent Project Management experience to complete the current team of IT Security & Privacy Governance. The candidate will work in the global Information Security and Privacy Governance team and support a project within IT Security, in liaisons based in APAC/China.
Tasks & Responsibilities
The main task is providing information security related advice to IT project managers and the business by
- working on data classification work items,
- reviewing data classification reports,
- assessing risks for solutions under consideration,
- proposing effective security controls and measures,
- determining residual risks.
The candidate will also support the Security Governance team in managing activities, taking into account efficiency and effectiveness.
- Latest start date: 29/05/2017
- Extension: Not planned, as this project will end in December 2017.
- Workload: 80% (up to 100% would be possible)
- Remote working is likely not required, but possible (if there is a very good candidate)
- Travelling: Likely not required, but possible. No travelling planned for this role.
- Department: IT Security & Privacy Governance (FIQE)
- The contractor will work in a team with 10 team members. He/She will work on an initiative for retrospective Data Classification with project and solution management teams in the APAC area.
- A deep understanding and several years of experience in the area of information security and risk management is a pre-requisite (minimum of 7 years of experience)
- Experience in IT Security and Privacy Governance roles, and applying ISO27001, NIST, ISF and other common Security & Privacy standards (minimum of 2 years of experience)
- Must be able to propose common technical solutions (preferred in the IT Security area)
- Fluent language skills in English (verbal and written)
- Pharma industry experience (2 to 5 years)
- Work experience with offshore teams (virtual working with teams of different time zones, e.g. with Asia)
- Certifications in the areas of IT Security Governance (CISM or equivalent), data privacy (IAPP or equivalent)
- Nice to Haves:
- Chinese as a primary or secondary language
- Project Management experience (minimum of 2 years of experience)
- Project Management (PMP, Prince2 or equivalent)
There are different dialects in China (Cantonese, Mandarin). Due to the hiring manager Mandarin would fit better, but is not a must. He would also prefer a candidate who has work experience with English speaking Chinese. Please note the dialect in the CV.