This role is for a Senior Information Security & Privacy Consultant. The minimum responsibilities are as follows:
Stakeholder Management
- Undertaking business travel across India to assigned Bosch entities for audits, awareness, etc.
Governance:
- Handling governance, risk and compliance requirements for the assigned legal entity
- Handling compliance requirements of Bosch Central Directive CD 2900 / ISO 27001:2022
- Identifying information security and data protection (ISP) risks and reporting to customer management
- Functional guidance to Data Security Partners (DSP) on Information Security and Privacy topics
- Audit planning, mentoring, checking the status of completion, providing consultancy on ISP topics
Awareness:
- Creating awareness content and conducting awareness for the target audience across the hierarchy
Assurance
- Performing audits. Planning and conducting different types of Information Security and Data Protection audits as per Bosch internal and ISO 27001 Standard, e.g. privacy audits, extended risk-based audits, project audits, process audits, IT security in manufacturing audits
Advisory
- Providing consultancy on Data privacy topics – privacy by design requirements
- Identifying control requirements from Central Directives, NISPR (National ISP regulations) and translating requirements to implementation level
- Privacy principles, (GDPR, Data protection law in India)
- Cloud on-boarding solutions
- Data privacy topics during application development, privacy contract review
- Participation in Quality Gates - providing review and feedback
- IT systems - security review as per Bosch Central Directives
- Supporting enterprise applications development as per EISA (Enterprise Information Security Architecture) as per Bosch Central Directive
- Other soft skills required - Good communication & presentation skills
Requirements
- Fulltime BE/ B.Tech in any discipline.
- 10 – 15 years of post-qualification experience in Information Security and Privacy, preferably CISSP, CISA certification status
- Experience in working in the manufacturing industry - an added advantage
- ISO 27001 Lead Auditor certified. ISO 27001:2022 (Implementation experience)
- Personal Data Protection implementation (e.g. EU-GDPR or any other country regulations)