IT Risk & Security Consultant
What's the role?
Join a global team of experts who manage IT Risk & Security Governance over Hilti’s IT landscape, and act as ambassadors and single points of contact for IT Risk & Security topics. As IT Risk & Security Consultant you’re responsible for improving risk mitigation and Cybersecurity maturity of the organization.
Who is Hilti?
We provide leading-edge tools, technologies, software and services for the global construction sector. Hilti is a multicultural workplace with 55 different nationalities committed to global teamwork.
Global IT within Hilti is a truly global team with main hubs in Buchs (Switzerland), Kuala Lumpur (Malaysia) and Plano/Tulsa (USA). All locations have highly competent teams who work very closely together. Hilti`s Global IT team is known for their focus on sustainable value creation by translating latest IT innovations into value creating solutions & services.
What does the role involve?
You are member of a global team of experts who manage Risk & Security governance over Hilti’s IT landscape, and act as ambassadors and single points of contact for IT Risk & Security Management related topics. You are key contributor to the Cybersecurity strategy and its implementation, lead initiatives and ensure effectiveness of risk mitigation across the project portfolio, by defining key requirements to Cybersecurity projects and solutions, and guiding them from inception to delivery. You support IT-related projects during the design phase, ensuring Hilti delivers secure solutions by baking security in early in the process, and provide guidance and advice on all IT Risk & Security matters across the company. You work closely with our architects to include good practices, standards and measures during the design phase of key global IT solutions. You maintain, improve and consult on the governance framework, define and track IT Risk & Cybersecurity Key Performance Indicators (KPIs). You stay current with the evolving threat landscape, vulnerabilities, and attacks, to identify and assess the risk to Hilti, and achieve transparency on risk posture and mitigation effectiveness. You communicate to all stakeholders within the organization, from the IT engineering teams up to top management, in an audience adapted way
What do we offer?
Show us what you’re made of and we’ll offer you opportunities to move around the business – to work abroad, experience different job functions and tackle different markets. It’s a great way to find the right match for your ambitions and achieve the exciting career you’re after.
We have a very thorough people review process, unlike any we know of in any other business. We can pair talent with opportunities - developing our people in their current roles or challenging them to work in new ways or in new places. It’s how we find the right fit, further our teams personally and professionally, get the best value for each employee and increase the job satisfaction. Additionally, we offer you a wide range of benefits.
Why should you apply?
Become a valuable member of our highly professional and international team of IT experts and meet the challenges of a global multinational company using latest technologies. You will have the freedom to act in the responsible area with career prospects in a dynamic environment, excellent opportunities to develop yourself to higher levels and wider range of knowledge. Our team in Kuala Lumpur is a fully recognized and respected competence center that is covering all relevant areas of IT. 80% of the top positions are filled internally. We have a clearly defined career development track for every individual employee and an excellent team whom are duly rewarded by performance.
What you need is:
- MSc in Information Technology or similar; PhD preferred
- Minimum five (5) years’ experience in IT Risk Management, IT Security, Information Security, or IT Governance
- In-depth, hands-on experience in at least one IT engineering domain (e.g. Clients, Network, Applications)
- Fluent in English (verbal and written), bilingual preferred
- Specialist certification preferred (CISSP, CISA, S+, ISO 2700X, …)
We hope to hear from you soon!