Global Head of Cyber Risk, Control and Assurance (m/f/x)

We are looking for a Global Head Cyber Risk, Control and Assurance to continuously improve risk- and control-driven cyber security activities in Global IT. In this role you will report to the Chief Cyber Security Officer (CCSO) and take over the responsibility for a newly formed team of experienced cyber security and IT risk specialists.

If you’re new to the industry, you might not have heard of us. We provide leading-edge tools, technologies, software, and services for the global construction sector. We have a proud heritage, built over more than 75 years, and a worldwide reputation for pioneering products and exceptional service. With some 30,000 people in more than 125 countries, which we are looking to expand, we’re a great place for you to show us your worth, step up to new challenges and grow your career.

Global IT within Hilti is a truly global team with main hubs in Buchs (Switzerland), Kuala Lumpur (Malaysia) and Plano/Tulsa (USA). All locations have highly competent teams who work very closely together. Hilti`s Global IT team is known for their focus on sustainable value creation by translating latest IT innovations into value creating solutions & services and this is also the home of the Chief Cyber Security Officer Organization.

You will report to the Chief Cyber Security Officer (CCSO) and be part of the CCSO leadership team. From our office in Buchs SG, Switzerland, you build up and lead an international team of risk professionals and together with your team take end-to-end ownership in all aspects of IT risk and control management framework.

Line Management
As a passionate team builder and to support our people growth commitment you drive recruiting, hiring, coaching, upskilling and training of your team of specialists. You are an ambassador for cybersecurity and are a trusted adviser to the management team of Global IT and beyond.

Cyber Risk Management
You are the owner of the cyber risk management process with respect to IT, IoT and OT. You maintain the cyber risk register. You identify, analyze and assess key risks including third party risks. Together with the risk owners you define risk mitigating actions and monitor progress of implementation. You also oversee and continuously evolve the growing control framework. You align with other risk functions in the business and in corporate functions.

Assurance
You plan, coordinate and oversee all cyber security cyber security testing activities (e.g. penetration tests, red teaming, attack simulations, bug bounty program) and support internal and external audits as well adhoc risk assessments.

Training and Awareness
You deliver the enterprise-wide awareness and training program (incl. phishing campaigning).

Crisis and Business Continuity Management
You ensure operational resilience when it comes to managing emergency and crisis situations in Global IT and maintain a forward-looking, sustainable BCM framework for all IT departments.

Cybersecurity Management
You are the owner of the cybersecurity management system, the policy framework and the periodical management reporting. You define group-wide cyber security standards and assist in proper implementation of control processes.

We give you the autonomy to identify the right technology solutions for our customers. We also encourage you to grow, not only in this role, but also beyond - you will be able to move around the business, to experience various job functions and even work abroad in different markets.
Our IT department is located in Buchs SG, Switzerland in the beautiful and mountainous Rhine Valley. It is in convenient walking distance to the city center and train station as well as in close proximity to our corporate headquarters in Schaan, Liechtenstein.
As integral part of our performance oriented yet caring culture we want you to work your best. Offers such as flexible working/part time arrangements, comprehensive insurance and pension plans, day care for your children are just some of the ways we do that. Additionally, Hilti e-bikes are readily available for you to use free of charge!

We have strong senior and executive management support when it comes to cyber.
We are true partners to our business.
We are committed to operational excellence and continuous improvement.
We work in classical IT environments but also in IoT and OT environments.

• For this position, we are seeking a creative, innovative, and open-minded leader with an exceptional expertise in IT risk & security risk management and a successful track record of leading specialist teams in Cyber Security. The ideal candidate is a self-starter who has a demonstrated ability to work both on the conceptual level as well as on the implementation level. If you combine a strong analytical skillset with knowledge and experience in Cyber Security technology and processes, and with excellent oral and written communication skills, you are exactly what we are looking for.
• Must have:
• Master’s degree in Information Technology, Computer Science, Risk Management, Cyber Security or in a similar field; CAS/DAS/MAS or a PhD are considered a definitive a plus
• More than 5 years of experience in a similar role working in global enterprise IT environments
• Profound Risk Management expertise with a focus on technology risk
• Proven compliance expertise
• Excellent technical understanding of cybersecurity concepts in several domains (Infrastructure Security, Software Security, Cloud Security, Data Protection, Identity and Access Management etc.)
• Adaptive communication style: ability to explain complex topics in simple terms, to listen and to translate security requirements into robust solutions
• Comfortable to work together with senior and executive management
• Pragmatic and solution-driven personality
• Fluent in English (verbal and written), additional languages (e.g. German) are a plus
• Good to have:
• Relevant IT risk (e.g. CRISC) or cybersecurity certifications (e.g. CISM, CISSP) are a plus
• Experience with leading interdisciplinary teams of specialists
• Proven track record as CISO or Head Cyber/Information/IT Security
• As strong background in IT/security engineering experience, security testing, awareness and communication is a plus

We look forward to receiving your application.
Contact: thomas.rhomberg@hilti.com

Hilti is an equal opportunity employer