GRC Expert (f/m)

 StepStone ·  09.01.2019 ·  Germany ·  Hewlett Packard Enterprise


Job Description

At Hewlett Packard Enterprise (HPE), we live by three core values that drive our business: Partner. Innovate. Act. These values combine to help us create important work all over the world to advance how people live and work.

Our new innovative IT services organization is HPE Pointnext.  We have the expertise to advise, integrate, and accelerate our customers’ outcomes from their digital transformation.

The GRC Expert for HPE Pointnext will work on and lead design, implementation, and management of Information- and IT-Security projects for customers (all verticals). We are seeking an innovative and motivated professional who under general direction with a high level of autonomy, uses knowledge and skills obtained through education and practical experience to perform the necessary analysis, solution design and implementation tasks related to the development of security solutions to meet the customer's requirements. The GRC Expert will be required to work on multiple client accounts and must have the ability to develop, present and lead the implementation of Information- and IT-Security solutions to customer teams.


Play a significant role in the delivery of consultancy services for HPE Pointnext Professional Services, maintaining quality and customer satisfaction. This is a flexible role typically centered around:  

Design and implement solutions.  

Advise HPE customers in developing Information- and IT-Security solutions and provide governance for customer satisfaction and project success.  

Working closely with customer's project team to develop Information- and IT-Security solutions, either at customer location or remotely dependent upon the customer's requirements and preferred working practices.  

Provide assistance and support on Information- and IT-Security solution to sales, pursuit and other team members as required to achieve overall benefits for the delivery of services to the customer and company as a whole. Share knowledge and experiences.  

Create proposals and calculations within tender processes.  

Conduct workshops, analysis, assessments and audits in the sphere of Information- and IT-Security.  

Continually review and enhance existing knowledge of the Information- and IT-Security aspects of common product sets and technologies.  

Provide 'soft' consultancy skills and a proactive approach to gain trust of our customers.  

Actively participates in HPE professions program and practice improvement activities. Knowledge sharing and re-use within practice or profession. Is recognized by peers as an expert in a particular area of Information- and IT-Security. Sustained and consistent contribution at the region level.  

Deliver presentations at security events like congresses and fairs.



University degree in IT topics and a professional working background in security consulting topics of more than 5 years.  

Very good knowledge of relevant standards (BSI Grundschutz, Cobit, ISO/IEC 19011, 22301, 27xxx, 31000, 38500) and an ability to apply them appropriately  

Provable track of successfully designed and implemented GRC solutions.  

Very good soft skills required for delivering, managing and closing Security Service projects successfully and efficiently.  

Fundamental knowledge of all key areas of Information Security and Security Solutions in line with Security and IS/IT Architecture.  

Understanding of Threat and Risk analysis methodologies/techniques and the interpretation/application of their output in the definition of Information- and IT-Security Solutions.  

Self-dependent management of security architecture projects.  

Car driver’s license.  

Willingness to travel >60% of the working time.  

Fluency in English and German language for professional verbal communication and negotiation as well as for creation of customer documents with correct spelling and grammar.


 

Professional Accreditations

One or more of the following certifications are required:


BSI Lead Auditor  

ISO 27001 Lead Auditor  

CISA  

CRISC  

CISM

CISSP


Part-time working and Job sharing are possible for this position




ework.de — ein Projekt von DIPLANET Digital Solutions Impressum