Security Control Assessor [UK]

The KION/Dematic Supply Chain Solutions (SCS) Global Software R&D Organization is responsible for delivering innovative software products to support a wide range of intralogistics, material handling, and management solutions. These products play a key role in powering the logistics operations of enterprises in a wide range of industries worldwide including eCommerce activities.

We are looking for a hands-on, dynamic, and enthusiastic security control assessor to help drive our security compliance efforts. This is an exciting opportunity to join our team and support our security efforts related to the development of various projects in IoT, Intralogistics, Cloud, and Edge systems that aim to transform the warehouse logistics and management industry.

What we offer:

This is What You Will do in This Role / Key Responsibilities

• Conduct ISO 27001 Readiness Assessment and prepare Gap Assessment Report.
• Conduct independent comprehensive assessments of the security controls employed within or inherited by an products or system to determine the overall effectiveness of the controls.
• Plan and conduct security authorization reviews and assurance case development for product development, and network installation.
• Develop ISO 27001 specific procedure and policy documents as part of the implementation effort.
• Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
• Participate in Risk Governance process to provide security risks, mitigations, and input on other technical risk.
• Assess the effectiveness of security controls and support necessary compliance activities (e.g., validate system security configuration guidelines, perform compliance monitoring).
• Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals.
• Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.
• Capture security controls used during the requirements phase to integrate security within the process, to identify key security objectives, and to maximize software security while minimizing disruption to plans and schedules.
  
  
  

Tasks and Qualifications:

What We Are Looking For / Qualifications

• 5+ years of experience in risk management processes (e.g., methods for assessing and mitigating risk).
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• 2+ years of ISO 27001 implementation experience conducting risk and controls assessment.
  
  
  

Preferred

• Bachelor degree or equivalent IT experience
• ISO 27001 Lead Auditor certification