n Information Security and Compliance Analyst BeNeLux
Start: ASAP
1PO until the end of the year
Job description
We are looking for talented people like you to join us! With your skills and passion, we have the necessary tools to realize our vision and engagement to sustainable development. This is our absolute priority! We consider the fight against climate change to be essential, and we are determined to lead our industry towards carbon neutrality.
At Heidelberg Materials, we are guided by core values such as authenticity, curiosity, commitment and collaboration. We believe in diversity, both in terms of people and ideas. We actively work to create an environment where everyone can flourish and contribute to our collective success. Join us on an exciting journey of growth and shaping the future of our organization! We prioritize your development while fostering a healthy work-life balance.
This position is located in Belgium. You will report to the IT Director with a dotted line to the FR/BeNe Information Security Manager.
The Information Security and Compliance Analyst (ISCA) is responsible for supporting the highest standards of information security within HM Benelux.
The role has a broad and evolving range of focus areas, reflecting the importance of data across all parts of the business, and the role played by all colleagues and partners in protecting this data.
This person will work closely with the France/Benelux Information Security Manager, the wider IT management team, departmental stakeholders in e.g. Legal, HR and commercial functions, Heidelberg Materials Information Security, international peers, and external providers.
Your tasks & responsibilities:
User awareness and engagement: undertake creative and engaging campaigns and actions to sensitize users to their role in information security.
Policies: support the review of IT and data management policies, in collaboration with IT, Legal and HR colleagues, to ensure that these are relevant, accessible, understood, provide a high level of awareness of information security essentials, and align with HM Group standards.
Compliance: enable reporting of compliance with the above policies, and with wider Group information security directives, and appropriate follow up with senior management.
Documentation and analysis: support the regular review of the IT asset risk register.
Data management guidance: drive best practice in data management across all departments.
Certification and audit: contribute to a package of measures to ensure adherence to recognized information security standards such as NIST. Support efforts to ensure compliance with legislative norms such as NIS-2, and work with internal and external auditors on all information security related topics.
Reporting and management information: provide quality and actionable reporting on the basis of e.g. training participation, simulated attacks etc.
Project support for information security related projects including BCP, data migrations etc
Job requirements
Your profile:
You have minimum 2 to 3 years of professional experience in IT.
You are fluent in English and French. Dutch is a bonus.
You have strong MS Office skills.
You have a basic knowledge of cybersecurity landscapes. Detailed technical cybersecurity knowledge is not immediately needed. A willingness to learn, and ability to put this learning to practical use in a complex business environment is more important.
You are aware of privacy principles and regulatory requirements (GDPR) and you understand risk management principles, with the ability to identify, assess, and mitigate digital risks.
You are able work effectively with a range of stakeholders, fostering a collaborative environment where cybersecurity is seamlessly integrated into the various operations.
You are willing to work towards recognized security certification (like CISSP, CISM, CISA, CGEIT, CRISC, ISO 27001/5).
You have a close eye for detail, and you are able to work on own initiative with limited guidance.
You are able to present information in a meaningful and digestible way.
You are familiar with basic project management approaches, tools and phases of the project lifecycle.
You are capable and willing to work in an international and multicultural environment with emphasis on service orientation.
You are OK to travel within Benelux and France (approx. 10%).