Lead Security Architect (m/k/d)

Fastansættelse hos vores kunde

Denmark

Startdato: så hurtigt som muligt

Referencenummer: 818640/1

Om virksomheden

• At Grundfos, we develop state-of-the-art, reliable, and sustainable water management technology for public, private, and commercial use. We rely on intelligent digital solutions, and security is a key priority.
  
• As a Cyber Security Architect at Grundfos, you will be crucial in safeguarding our digital assets and ensuring top-notch security. Your responsibilities include enhancing security frameworks, promoting secure development practices, and collaborating with cross-functional teams to ensure compliance with standards.Enhance Security Frameworks: Support and improve the Grundfos ISMS to ensure digital asset security.Secure Development: Promote secure development practices within software development teams to align with industry standards.Collaboration and Compliance: Work with cross-functional teams to ensure compliance with legal, regulatory, and industry standards, enhancing Grundfos's overall security posture.

Opgaver

• As a Cyber Security Architect at Grundfos, you will be responsible for a range of critical activities aimed at ensuring the security and integrity of our digital products and services. Your role will involve conducting assessments, staying updated on cyber threats, ensuring compliance with security standards, and collaborating with various teams to enhance our overall security posture.
  
• Conduct assessments of projects and third-party vendors to ensure cybersecurity standards are met.
• Stay updated on cyber threats and develop strategies to mitigate risks.
• Ensure compliance with requirements from NIS2, ISO27001, IEC 62443-4-1, CRA, and RED DA in development activities.
• Oversee and enhance information security processes in line with the Grundfos ISMS.
• Manage and track product vulnerabilities, coordinating response and disclosure efforts.
• Handle third-party security questionnaires related to information security and risk assessments.
• Assist with penetration testing, threat modeling, and review of product security documentation.
• Collaborate with the AppSec program to ensure product compliance with security standards.
• Conduct regular training sessions and awareness programs for development teams.
• Continuously evaluate and improve existing security measures.
• Ensure ongoing compliance with legal, regulatory, and industry standards.
• Work closely with IT, legal, and compliance departments to ensure a unified approach to cybersecurity.

Profil

• Grundfos is looking for a candidate with a strong understanding of cybersecurity and the ability to foster security awareness across technical functions and businesses. The ideal candidate will have:
  
• A relevant technical degree in Information Security, Computer Science, or Cybersecurity.
• 5 years of experience in managing information security risks related to physical products.
• Experience with IT systems, network security, encryption, and OT embedded product development.
• Understanding of end-to-end cybersecurity architecture within software development environments.
• Certifications such as CISSP, CISM, CISA, CSSLP, or similar are a plus.
• Proficiency in security tools, forensic analysis, and incident detection and response technologies.
• Strong analytical skills for incident investigation, data analysis, and threat identification.
• Excellent communication and cross-collaboration skills.
• Proficiency in English.

Fordele

• Key role in protecting critical infrastructure and OT technologies in a global, sustainable company
• High-level responsibility across security architecture, compliance (NIS2, ISO27001, IEC 62443, etc.), and product development
• Opportunity to shape cutting-edge security solutions and influence technology direction
• Cross-functional collaboration with IT, legal, compliance, and development teams
• Strong professional growth through complex security projects, threat analysis, and secure development practices
• Continuous focus on innovation and improving cybersecurity processes and tools