Senior Information Security Governance and Privacy Specialist (ro-887)

4070 Basel
Start Date: 
End Date: 
2017-05-09 11:30
Hours per day: 
Hours per week: 
Total Hours: 


We are seeking for a Security Governance Specialist with decent Project Management experience to complete the current team of IT Security & Privacy Governance. The candidate will work in the global Information Security and Privacy Governance team and support a project within IT Security, in liaisons based in APAC/China.

Tasks & Responsibilities

The main task is providing information security related advice to IT project managers and the business by 

  • working on data classification work items, 
  • reviewing data classification reports, 
  • assessing risks for solutions under consideration, 
  • proposing effective security controls and measures, 
  • determining residual risks.

The candidate will also support the Security Governance team in managing activities, taking into account efficiency and effectiveness.

General information

  • Latest start date: 29/05/2017 
  • Extension: Not planned, as this project will end in December 2017. 
  • Workload: 80% (up to 100% would be possible) 
  • Remote working is likely not required, but possible (if there is a very good candidate)
  • Travelling: Likely not required, but possible. No travelling planned for this role. 
  • Department: IT Security & Privacy Governance (FIQE)
  • The contractor will work in a team with 10 team members. He/She will work on an initiative for retrospective Data Classification with project and solution management teams in the APAC area.
  • A deep understanding and several years of experience in the area of information security and risk management is a pre-requisite (minimum of 7 years of experience) 
  • Experience in IT Security and Privacy Governance roles, and applying ISO27001, NIST, ISF and other common Security & Privacy standards (minimum of 2 years of experience) 
  • Must be able to propose common technical solutions (preferred in the IT Security area) 
  • Fluent language skills in English (verbal and written) 
  • Pharma industry experience (2 to 5 years) 
  • Work experience with offshore teams (virtual working with teams of different time zones, e.g. with Asia) 
  • Certifications in the areas of IT Security Governance (CISM or equivalent), data privacy (IAPP or equivalent) 
  • Nice to Haves: 
    • Chinese as a primary or secondary language
    • Project Management experience (minimum of 2 years of experience)
    • Project Management (PMP, Prince2 or equivalent)

There are different dialects in China (Cantonese, Mandarin). Due to the hiring manager Mandarin would fit better, but is not a must. He would also prefer a candidate who has work experience with English speaking Chinese. Please note the dialect in the CV.

Prefered Interview Dates (YYYY-MM-DD):