Regional Information Security Officer Americas

The Regional Information Security Officer (RISO) implements the global information security requirements and specifies/expands them based on regional information security requirements without being contradictory to the global requirements. The RISO is the CISO’s first contact regarding all security topics within the GEA’s region and responsible for all information security topics within the region.

Responsibilities / Tasks

• Monitor regional information security requirements

• Identifies applicability of security business needs within the region, especially with regards to trends and risks

• Assist in the implementation of the global Information Security Management System (ISMS) and global business continuity standards within the region and handle information assets as well as security and business continuity risks

• Coordinate the Business Impact Analysis and define, test, and assist in the execution of the Business Continuity Plans together with the accountable process owners

• Collaborates with local/regional management and asset owners to ensure all security related controls and measures are implemented, managed, controlled and reported

• Perform security and business continuity reviews and audits, monitor the information security requirements, and participate in the security and business continuity incident handling process

• Monitors, manages and reports security business performance targets for area of responsibility, aligned with regional and overall security strategy performance metrics

• Is responsible for handling regional information security incidents

• Report security and business continuity incidents to the authorities in accordance with the incident handling process

• Instruct functionally the Local Information Security Officer (LISO) and receives continuous reporting from the LISOs

• Act as a LISO for the home location

Your Profile / Qualifications

As a person, you are a good communicator and collaborator and are able to negotiate with both customers and suppliers. You take a methodical approach to security and are also able to take ownership of budget forecasts and finances.

• Hold a bachelor’s or master’s degree in information technology/computer science/cybersecurity, business administration, or a related technical discipline

• Experience leading the development and implementation of information security policies, procedures, and guidelines to ensure compliance with relevant regulations and standards

• Have in-depth know-how in management systems, audits, and dealing with audit findings

• Have in-depth know-how in ISO 27001, NIST SP 800-171, IEC 62443, ISO 22301

• Have experience in multivendor management and dealing with multiple suppliers

• Are fluent in English

• May have security and business continuity certifications (CISSP, CISM, ISMS Lead Implementor, ISMS Lead Auditor, BCMS Implementer, BCMS Lead Auditor)

GEA offers competitive pay and great benefits

• 11 Paid Holidays
• PTO - Paid Time Off
• Medical Plans
• Dental Insurance
• Vision Insurance

GEA Group is committed to fostering an inclusive work environment where all clients and employees feel welcomed, accepted and valued. We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.

#engineeringforthebetter

Did we spark your interest?
Then please click apply above to access our guided application process.