Cyber & Information Security Auditor
Infineon's Cyber team is a global entity that spans across several countries, covering functions such as Cyber Governance & Risk, Consulting, Security Monitoring, Incident Response & Digital Forensics, and OT Security. We are hiring for the role of a Cyber & Information Security Auditor to join our Verification team in Porto.
You will be responsible for verifying Infineon's Cyber & Information Security Management System, driving the Verification Automation, and ensuring continuous compliance with legal, contractual, and internal security requirements.
Key Responsibilities:
* Verify the completeness and effectiveness of Infineon's Cyber & Information Security Management System (2nd line of defense) for Europe and Americas regions.
* Ensure Infineon's continuous compliance with legal, contractual, and internal security requirements as well as certifiable Security Standards (ISO27001, TISAX, Common Criteria, GSMA, etc.).
* Perform internal control/audit activities and facilitate external audits to obtain new or uphold already granted Security Certifications.
* Maintain and improve the Verification function and related processes as well as the Cyber & Information security control framework.
* Drive the verification automation by supporting the implementation or development of a GRC application.
You have a hands-on approach to work and can take responsibility for your area of expertise. You are proactive, enthusiastic, and able to establish successful collaborations with people across different levels and functions.
Requirements:
* Degree in Computer Science, Information Technology, or an equivalent qualification, ideally with a focus on Cyber/Information Security.
* At least 3 years of experience as an auditor, expert, or consultant in the area of IT and/or Cyber/Information Security, preferably in an international environment.
* Knowledge of general Cyber/Information Security Standards such as NIST and ISO27001, and ideally industry-specific Security Standards (TISAX, Common Criteria, GSMA).
* Relevant Security Certifications (ISO27001 Lead Auditor, CISA, CISM, CISSP) would be a plus.
* Experience in programming - Python, Java, or C++ would be an advantage.
* The willingness to travel internationally up to 30% (mainly within Europe and America).
* Fluency in English.
We offer a wide range of benefits, including coaching, mentoring, networking possibilities, training offers, international assignments, and flexible working conditions.