At Hitachi Energy our purpose is advancing a sustainable\\xe2\\x80\\x8b energy future for all. We bring power to our homes, schools, hospitals, and factories. Join our global Cybersecurity Team and contribute to world-class security for our products and services. Develop yourself on projects that have a real impact to our communities and society. Bring your passion, bring your energy, and be part of a global team that appreciates a simple truth: Diversity + Collaboration = Great Innovation
Hitachi Energy is seeking a Cybersecurity Specialist - GRC with a focus on assessments and tracking. Hiring manger is prioritizing skills and experience over physical work location. As a Cybersecurity Specialist GRC Assessments, you will contribute to the further development of our Cybersecurity portfolio and will independently conduct consulting and assessment engagements. If you are looking for big, global challenges, this is the place to come: Hitachi Energy portfolio includes some of the most advanced and powerful products and systems, and Cybersecurity for us is a pervasive quality integrating across all domains, from core IT, factories, business all the way to products and services. Understanding Cybersecurity as pervasive will help us work more efficiently. If you have the energy, discipline, and the motivation to succeed, you will find almost limitless opportunities to stretch your thinking, expand your horizons and build your skills.
Your responsibilities
You will contribute to Hitachi Energy Cybersecurity Governance Framework, and to the further development of Cybersecurity validation and assessment services, applying and incorporating relevant standards of Hitachi, the industry and other applicable regulation, as assigned.
You will independently conduct consulting and assessment engagements with different counterparts in and outside of Hitachi Energy.
In interaction with counterparts, and in line with our Risk Management Framework, you will drive findings and observations to completion, including status tracking and reporting.
You will advise counterparts on activities such as risk treatment options, remediations, mitigations, assess adequacy and raise next steps as needed.
You will work closely with domain and process custodians to identify Cybersecurity control processes and associated ownership.
Living core values of safety and integrity, which means taking responsibility for your own actions while caring for your colleagues and the business.
You provide leadership to temporary work teams, guiding and monitoring task completion, sharing expert knowledge and advice normally without carrying line responsibility.
Your background
Relevant University Degree and 8+ years relevant experience in Information Security governance, risk management and compliance in large, global organizations (consulting, audit or industry/operations), preferably covering industry and project experience.
Experience in establishing and maintaining a Cybersecurity governance framework.
Experience in Risk Management and Consulting definition and implementation; ability to execute with minimal supervision.
Experience to operate in an international environment; limited travel (20%) as required.
Knowledge of relevant security standards such as ISO27001/2, NIST CSF, CIS controls v8, ITIL required.
Experience with GRC tools a plus
In-depth knowledge of the ISO 27001:2013 and ISO 27001:2022 standard as well as the ISO 27000 family of standards, including ISO 27005, citing specific roles and responsibilities.
Information Security/Risk Management certification (CISA, CISM, CISSP, CRISC\\xe2\\x80\\xa6) required.
Project Management certification a plus
Fluency in verbal English and excellent English writing skills are essential.\\n \\n \\n \\n \\n \\n