Technical Security & Risk Consultant
What's the role?
As a Technical Security & Risk Consultant, you are part of our Chief Cyber Security Officer (CCSO) organization reporting to the Global Head of Security Architecture & Security Consulting. You will help us to protect our crown jewels in IT/IoT/OT. You will be the trusted partner and subject matter expert in when it comes to all aspects of technical cyber security and IT risk management. You will work in close collaboration and partnership with member of senior management in Global IT and their respective leadership teams.
Who is Hilti?
We provide leading-edge tools, technologies, software and services for the global construction sector. Hilti is a multicultural workplace with 55 different nationalities committed to global teamwork.
Global IT within Hilti is a truly global team with main hubs in Buchs (Switzerland), Kuala Lumpur (Malaysia) and Plano/Tulsa (USA). All locations have highly competent teams who work very closely together. Hilti`s Global IT team is known for their focus on sustainable value creation by translating latest IT innovations into value creating solutions & services.
What does the role involve?
You will bring security know-how into projects and support the line management, product owners, project managers, solution architects, SW developers in projects. You do this by promoting “security-by-design” and “privacy-by-design” principles. Yet, in this role you are not only “another one with an opinion” but you gain trust and respect of your peers and superiors by your hands-on support and by taking strong ownership for topics while also keeping an eye on duties and obligations of the respective system owner.
You drive risk and security assessments and help to identify and articulate IT risk. You define IT controls together with the IT risk owner and you assist the implementation and optimization of IT controls throughout the process.
Furthermore, you manage the backlog and remediation of “cyber security issues” and “IT risk mitigation actions. You report on cyber security and IT risk situation in your assigned IT vertical/IT horizontal. You support internal/external audit and compliance activities.
Finally, whenever necessary, you educate teams and individuals on cyber security-related topics.
What do we offer?
Show us what you’re made of and we’ll offer you opportunities to move around the business – to work abroad, experience different job functions and tackle different markets. It’s a great way to find the right match for your ambitions and achieve the exciting career you’re after.
We have a very thorough people review process, unlike any we know of in any other business. We can pair talent with opportunities - developing our people in their current roles or challenging them to work in new ways or in new places. It’s how we find the right fit, further our teams personally and professionally, get the best value for each employee and increase the job satisfaction. Additionally, we offer you a wide range of benefits.
Why should you apply?
Hilti has a strategic focus on cybersecurity which translates into many great projects (product or services related) and opportunities to contribute but also to learn. We develop our talents and provide challenges to grow both professionally but also personally. We hire for attitude and offer a career perspective and not “another job”. We foster our culture and feeling of belonging.
What you need is:
- Master’s degree in cyber security, computer science, information systems management, engineering or a related technical discipline related to information security
- 5 + years’ experience working as a security engineer or IT security consultant. Information security officer profiles with demonstrated affinity for technology will also be considered
- As we are looking for multiple roles in parallel with different focus, we expect proven subject matter expertise in either: application security (ideally SAP), secure software development, cloud security and data security, infrastructure or network security, IoT security, OT/ICS security
- Must be familiar with agile project delivery methods in virtual, interdisciplinary, and globally distributed teams
- Demonstrating high customer focus, taking clear ownership, being a self-starter, having high problems-solving skills
- Excellent interpersonal and communication skills in English also towards senior management, a thirst to learn and challenge yourself
- Two or more of the following: CISSP, CSSP, CISM, CRISC or
- Experience in managing IT risks, IT controls, in supporting internal/external audit or compliance-related activities
- Experience in conducting penetration testing
Come Join Us!