SUSE, a pioneer in open source software, provides reliable, interoperable Linux and cloud infrastructure solutions that give enterprises greater control and flexibility. More than 20 years of engineering excellence, exceptional service and an unrivaled partner ecosystem power the products and support that help our customers manage complexity, reduce cost, an...
Read more about this company
Strategic Leadership:Oversee the strategic direction, design, and execution of SUSE's information security management system (ISMS) processes, ensuring alignment with ISO 27001 and a strong focus on Governance, Risk & Compliance (GRC) principles.
Stakeholder Engagement:Lead collaborations with senior stakeholders across SUSE to ensure the integration of security processes that effectively meet business objectives while maintaining compliance with stringent GRC requirements.
Risk Management Oversight:Supervise the development and implementation of advanced 3rd party risk management frameworks to enhance the security resilience of SUSE's supply chain and partner ecosystem.
Regulatory and Legal Liaison:Act as the primary point of contact for the Head of Privacy, SUSE Data Protection Officer (DPO) and Legal team, driving resolution on complex customer security assessments and high-impact contract negotiations.
Certification and Compliance Management:Take responsibility for SUSE’s ISO 27001 & ISO 27701 certification processes, ensuring compliance and spearheading continuous improvement initiatives to maintain certification standards.
Policy and Controls Governance:Lead the creation, revision, and enforcement of comprehensive security policies, procedures, ensuring organizational alignment with industry best practices.
Risk Assessment Leadership:Direct in-depth risk assessments, develop and approve risk treatment strategies, and ensure the organization's risk management practices align with defined risk tolerances.
Security Culture Advancement:Oversee the development and delivery of GRC-focused security awareness and training programs, driving a security-centric culture across the organization.
Performance Monitoring:Establish and review key performance indicators (KPIs) related to GRC security activities, providing high-level strategic insights and recommendations for continuous improvement.
Project and Program Management:Lead GRC-related projects and programs, ensuring successful planning, execution, and cross-functional collaboration.
Education and Experience Required:
Proven Experience:Experience in GRC-focused information security roles, with demonstrated leadership capabilities. Experience with implementing ICT laws in practice.
Educational Background:University Degree in Law
Leadership in Project Management:Strong people, project and program management skills.
Gmail
Yahoomail