At BASF Digital Hub Madrid we develop innovative digital solutions for BASF, create new exciting customer experiences and business growth, and drive efficiencies in processes, helping to strengthen BASF´s position as the digital leader in the chemical industry. We believe the right path is through creativity, trial and error and great people working and learning together. Become part of our team and develop the future with us - in a global team that embraces diversity and equal opportunities.
WHAT YOU CAN EXPECT
You will be a part of our Cyber Governance, Risk and Compliance Team which manages the Cyber Security Framework for the whole BASF Group. Additionally, you will work closely with our global data privacy organization.
Identifying, assessing, and prioritizing risks to BASF’s information assets, with a particular focus on those information assets used for processing personal data.Establishing a process to ensure that appropriate cyber security controls are in place to mitigate those risks.Defining group-wide cyber security governance standards for the systems, assets, or platforms used for processing personal data based on a risk-based approach.Collaborating closely with the global data privacy organization of BASF.Facilitate operational risk assessments, threat modeling, and vulnerability assessments to support identification of of data protection-related risk areas within the organization's systems and infrastructure.Collaborate with stakeholders to maintain a risk register and associated risk treatment plansProviding guidance and support to the organization on risk management best practices, with a particular focus on the processing of personal data, including the implementation of new processes and controls.REQUIREMENTS OF THE POSITION Bachelor’s degree in computer science, Information Technology, or a related field5-7 years of work experienceExperience with developing, implementing, and maintaining an ISMS based on ISO 27001 or other relevant standardsProfound experience in cyber security, particularly in cyber security risk managementStrong understanding of risk management principles and practices, especially in the field of risk aggregation as well as definition and evaluation of generic risks on enterprise levelExperience with risk assessments, threat modeling, and vulnerability assessmentsKnowledge of relevant laws and regulations related to cyber securityAbove-average knowledge of data protection law as well as a passion for data protection. Professional expertise in this environment would be an advantage.Passion to cooperate in an international (regulatory) environmentExcellent communication and interpersonal skills, with the ability to work effectively with interdisciplinary teamsRelevant certifications such as CISSP, CISM, CRISC are a plusConfident communication in English, both spoken and written.Confident communication in English, both spoken and written.WHAT WE OFFER A secure work environment because your health, safety and wellbeing is always our top priority.Flexible work schedule and Home-office options, so that you can balance your working life and private life.Learning and development opportunities23 holiday days per year5 additional days (readjustment)2 cultural daysA collaborative, trustful and innovative work environmentBeing part of an international team and work in global projectsRelocation assistance to Madrid providedHOW TO REACH USIf you're interested in the position or know someone who might be and need support on how to take next steps, please send an email to felipe.bianco@partners.basf.com