Responsibilities
Ensuring Compliance with Security and Regulatory Requirements: Monitor and assess adherence to legal, regulatory, and internal requirements in information security and data protection.
Conducting Audits and Assessments: Plan, coordinate, and execute internal and external audits as well as risk and compliance assessments to identify vulnerabilities and areas for improvement.
Consulting and Training: Support and raise awareness among business units and employees on compliance and security topics; conduct awareness trainings.
Risk Management: Identify, assess, and track risks related to information security and compliance; develop and implement risk mitigation measures.
Reporting and Communication: Prepare compliance status reports and communicate results and recommendations to management and relevant stakeholders.
Collaboration with Internal and External Partners: Work closely with IT, data protection, legal, internal audit, as well as external auditors and authorities.
Preparation and Support of Certifications: Assist in the preparation and execution of certifications (e.g., ISO 27001, TISAX) and ensure ongoing compliance with requirements.
Continuous Improvement: Analyze incidents, derive lessons learned, and continuously enhance compliance and security processes.
Qualification
Comprehensive understanding of regulatory requirements and industry standards related to Cyber Security risk management and compliance. Solid foundation in Cyber Security control frameworks based on ISO 27001, enabling the identification and implementation of mitigating measures for strategic risks while effectively balancing risk severity with business opportunities and operational impact across business units.
Proficient in GRC tools for managing governance, risk, and compliance processes, ensuring effective integration and reporting. Familiarity with security frameworks and compliance standards such as ISO 27001, NIS2, and the Cyber Resilience Act to ensure proper alignment with regulatory requirements.
Proficiency in collaboration tools such as M365 and SharePoint to streamline communication and documentation within teams.
What we offer
Be part of a global leader in digital transformation, working in a vibrant Digital Hub that values innovation, agility, and cross-functional collaboration. Shape the future of BASF’s digital landscape, contributing to projects that drive sustainability and make a real impact. Thrive in a high-performance culture that supports your personal and professional growth, offering diverse learning opportunities and career development. Enjoy a modern, inclusive work environment where your ideas are valued, and your curiosity and ambition are encouraged. Benefit from flexible working models, international networking, and a strong sense of purpose as we enable our customers’ green transformation and lead the way in digital excellence. [to include specific local benefits].