Senior Information Security Audit Co-Ordinator
About the Role
Location Portugal Lisboa Amadora
1. Country: Portugal
2. State/Province/County: Porto
3. City: Porto
Company Siemens Energy Unipessoal Lda. Organization EVP Global Functions Business Unit Digital Core Full / Part time Full-time Experience Level Experienced Professional
Snapshot of your day
As a Senior Information Security Audit Coordinator, you'll play a vital role in safeguarding our organization's digital assets and ensuring stringent compliance of security standards. Your responsibilities include being responsible for audit activities, ensuring consistency to regulations, and actively contributing to risk management within our organization.
How You'll Make an Impact
4. Audit Coordination
5. Identify customers needed in announced audits
6. Coordinate audit engagements and collaborate with audit teams and customers
7. Participate in meetings and lead audit participants during audit fieldwork
8. Ensure alignment to audit schedules and quality standards
9. Collect relevant information and support documentation for audits
10. Evaluate the accuracy and completeness of the data
11. Review audit reports and analyze findings
12. Provide awareness of audit results to relevant parties
13. Track audit findings and avoid overdue remediation
14. InfoSec Project Collaboration
15. Planning and performing 2nd line of defense security assessments regarding IT and OT infrastructures, products, solutions, services and their related processes and controls
16. Discussing on eye-to-eye level with security architects and solution providers to challenge their security assumptions and requirements as well as to improve their solutions whenever vital
17. Identifying root causes of findings and assisting business and other functions in developing improvement measures
18. Contribute to the development of cyber assessment plans
What You Bring
19. University degree in an Information Technology Engineering area is a must
20. Certificates such as ISO 27001 auditor, CISSP, CISA and CISM are a plus
21. 5+ years of professional experience in any of the following is preferred: IT audit, information security, cybersecurity, IT risk management, IT GRC, IT general controls, or development of industrial IT services and solutions
22. Knowledge of ISO 19011 is preferred: Guidelines for Auditing Management Systems
23. Knowledge of ISO 27001 and some of the following is a plus: cybersecurity, IT governance, IT audit, COBIT, OT security (IEC 62443), secure software development lifecycle
24. Additionally, knowledge of some of the following is a plus: SCADA/ICS, cloud security, agile methodologies, mobile security, data protection, ITIL, network security
25. As you act in an international environment, you are willing to travel (15% max.) and therefore demonstrate business-fluent English language skills (English on a B2 or C1 level). German and Spanish language skills are a plus
26. You have very good communication and presentation skills as well as are willing to learn about the latest trends in Cybersecurity and keep up to date in a continuously challenging environment
27. Light programming skills are a plus
28. Strong leadership and organizational skills
29. Ability to collaborate successfully with multi-functional teams
30. Furthermore, you bring multicultural sensitivity, innovative thinking with proven analytical skills