Job Specifications
Hungry for challenges? Join a group with innovation at its heart and contribute to the automotive revolution!
OPmobility is a world-leading provider of innovative solutions for a unique, safer and more sustainable mobility experience. Innovation-driven since its creation, the Group develops and produces intelligent exterior systems, customized complex modules, lighting systems, clean energy systems and electrification solutions for all mobility companies. With a EUR11.4 billion economic revenue in 2023, a global network of 152 plants and 40 R&D centers, OPmobility relies on its 40,300 employees to meet the challenges of transforming mobility.
Our ambition? Provide automakers with cutting-edge equipment and solutions to develop tomorrow's clean and connected car.
The Chief Information Security, Risk and Compliance Officerfulfills the following tasks.
Develops a cybersecurity vision and strategy that is aligned to organizational priorities and enables and facilitates the organization's business objectives, and ensures senior stakeholder buy-in and mandate
Develops, implements and monitors a strategic, comprehensive cybersecurity program to ensure appropriate levels of confidentiality, integrity, availability of information assets owned, controlled or/and processed by the organization as well as the meeting of safety, privacy, reliability and resilience requirements as needed.
Facilitates an cybersecurity governance structure through the implementation of a hierarchical governance program, including the formation of a cybersecurity steering committee or advisory board
Provides regular reporting on the current status of the cybersecurity program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program, thus supporting business outcomes
Develops, socializes and coordinates approval and implementation of security policies
Works with the vendor management office to ensure that cybersecurity requirements are included in contracts by liaising with vendor management and procurement organizations
Directs the creation of a targeted cybersecurity awareness training program for all employees, contractors and approved system users, and establishes metrics to measure the effectiveness of this security training program for the different audiences
Understands and interacts with related disciplines, either directly or through committees, to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management
Advises on the cyber risk posture of the organization, including the mandatory application of controls
Determines the cybersecurity approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of non-digital risk areas
Manages the budget for the cybersecurity function, monitoring and reporting discrepancies
Manages an effective cybersecurity organization, consisting of direct reports and contributors (such as individuals in IT operations). This includes hiring, training, staff development, performance management and annual performance reviews
Enhances the security posture by adopting a cybersecurity framework that is applicable to the organization
Creates and manages a unified and flexible, risk-based control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations
Provides input for the IT section of the company's code of conduct
Creates the necessary internal networks among the cybersecurity team and line-of-business executives, corporate compliance, audit, physical security, legal and HR management teams to ensure alignment as required
Builds and nurtures external networks consisting of industry peers, ecosystem partners, vendors and other relevant parties to address common trends, findings, incidents and cybersecurity risks
Liaises with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies
Liaises with the enterprise architecture team to build alignment between the security and enterprise (reference) architectures, thus ensuring that cybersecurity requirements are implicit in these architectures and security is built in by design
Collaborates and liaises with the privacy officer to ensure that privacy requirements are included where applicable
Defines and facilitates the processes for cybersecurity risk and for legal and regulatory assessments, including the reporting and oversight of treatment efforts to address negative findings
Ensures that security is embedded in the project delivery process by providing the appropriate cybersecurity policies, practices and guidelines
Manages and con
About the Company
OPmobility is a world leader in sustainable mobility and a technology partner to mobility players worldwide. Driven by innovation since its creation in 1946, the Group is today composed of five complementary business groups that enable it to offer its customers a wide range of solutions: intelligent exterior systems, complex modules, lighting systems, energy storage systems and battery and hydrogen electrification solutions. OPmobility also offers its customers an activity dedicated to the development of software, OPn'Soft.
...
Know more