Interim Cybersecurity GRC Manager

Out of Home, Czechia

SUSE

Modernize your infrastructure with SUSE Linux Enterprise servers, cloud technology for IaaS, and SUSE's software-defined storage.


About Us

Always open. Our code, our culture, our opportunities. Leading open innovation without limits. We are SUSE.

SUSE is a global leader in innovative, reliable and secure enterprise open source solutions, including SUSE Linux Enterprise (SLE), Rancher and NeuVector. More than 60% of the Fortune 500 rely on SUSE to power their mission-critical workloads, enabling them to innovate everywhere – from the data center to the cloud, to the edge and beyond. SUSE puts the “open” back in open source, collaborating with partners and communities to give customers the agility to tackle innovation challenges today and the freedom to evolve their strategy and solutions tomorrow. 

We are open in our roots and open in our approach, striving to be the most trusted open innovator in the world. Openness extends beyond our technology. Our vibrant community thrives on diversity and connectivity without borders.


Job Description

   

We are looking for an interim Cybersecurity GRC Manager for a fixed-term contract of 1.5 years with the possibility of extension.


Responsibilities:

  • Strategic Leadership: Oversee the strategic direction, design, and execution of SUSE's information security management system (ISMS) processes, ensuring alignment with ISO 27001 and a strong focus on Governance, Risk & Compliance (GRC) principles.

  • Stakeholder Engagement: Lead collaborations with senior stakeholders across SUSE to ensure the integration of security processes that effectively meet business objectives while maintaining compliance with stringent GRC requirements.

  • Risk Management Oversight: Supervise the development and implementation of advanced 3rd party risk management frameworks to enhance the security resilience of SUSE's supply chain and partner ecosystem.

  • Regulatory and Legal Liaison: Act as the primary point of contact for the Head of Privacy, SUSE Data Protection Officer (DPO) and Legal team, driving resolution on complex customer security assessments and high-impact contract negotiations.

  • Certification and Compliance Management: Take responsibility for SUSE’s ISO 27001 & ISO 27701 certification processes, ensuring compliance and spearheading continuous improvement initiatives to maintain certification standards.

  • Policy and Controls Governance: Lead the creation, revision, and enforcement of comprehensive security policies and procedures, ensuring organizational alignment with industry best practices.

  • Risk Assessment Leadership: Direct in-depth risk assessments, develop and approve risk treatment strategies, and ensure the organization's risk management practices align with defined risk tolerances.

  • Security Culture Advancement: Oversee the development and delivery of GRC-focused security awareness and training programs, driving a security-centric culture across the organization.

  • Performance Monitoring: Establish and review key performance indicators (KPIs) related to GRC security activities, providing high-level strategic insights and recommendations for continuous improvement.

  • Project and Program Management: Lead GRC-related projects and programs, ensuring successful planning, execution, and cross-functional collaboration.

Education and Experience Required:

  • Proven Experience: Experience in GRC-focused information security roles, with demonstrated leadership capabilities. Experience with GRC tools is a strong plus.

  • Educational Background: Master's degree, preferably in law.

  • Leadership in Project Management: Strong people, project and program management skills.

Knowledge and Skills:

  • Advanced ISO Knowledge: Deep expertise in the ISO 27001 standard.

  • Strategic Security Knowledge: Profound understanding of Information Security principles, industry best practices, and their application within the GRC domain.

  • Framework Mastery: Extensive experience with security frameworks such as Common Criteria, SOC 2, NIST, and CyBOK.

  • Communication Proficiency: Exceptional communication skills, with the ability to engage and influence at all levels, including C-suite executives.

  • Regulatory Knowledge: Extensive knowledge of cybersecurity laws, regulations, and compliance requirements, especially those related to NIS 2, DORA, PDL and CRA.

This position is subject to background checks

This position is subject to a background check(s), including criminal, credit, and/or employment references. The candidate is required to complete the background check(s) once an offer has been accepted. This will be conducted by SUSE’s external provider, where legally permitted.

Job

Information Technology

What We Offer 

We empower you to be bold, driving your career to create the future you want. We celebrate and reward your achievements.  

SUSE is a dynamic environment that is evolving rapidly, thus requiring agility, strong entrepreneurship and an open mind. 

This is a compelling opportunity for the right person to join us as we continue to scale and prosper.   

If you’re a big thinker, obsessed by execution and thrive in a dynamic environment in which you can tangibly create a lasting legacy, then please apply now!  

We give you the freedom to be yourself. You will work in a global community of unique individuals – like you – with different backgrounds, talents, skills and perspectives. A truly open community where everyone is welcome, has a voice and is encouraged to reach their full potential regardless of age, gender, race, nationality, disability, sexual orientation, religion, or any other characteristics.   

Sounds like the right fit for you? Click Apply to submit your resume. A recruiter will contact you if your skills match our current or any future positions. In the meantime, stay updated on the latest SUSE news and job vacancies by joining our Talent Community. 

SUSE Values 

  • We are passionate about customers 

  • We are respectful and inclusive  

  • We are empowered and accountable   

  • We are trustworthy and act with integrity  

  • We are collaborative  

  • We are SUSE!  


Tags: C Cloud Compliance Governance ISMS ISO 27001 KPIs Linux Monitoring NIST Open Source Privacy Risk assessment Risk management Security assessment SOC SOC 2 Strategy

Perks/benefits: Career development

Region: Europe
Country: Czechia
