Cyber Security Governance Expert

A career with MilliporeSigma is an ongoing journey of discovery: our 60,300 people are shaping how the world lives, works and plays through next generation advancements in Healthcare, Life Science and Electronics. For more than 350 years and across the world we have passionately pursued our curiosity to find novel and vibrant ways of enhancing the lives of others. MilliporeSigma is a business of Merck KGaA, Darmstadt, Germany.

This role does not offer sponsorship for work authorization. External applicants must be eligible to work in the US.

Your Role:

The Cyber Security Governance Expert position is an integral member of our Cyber Security organization. In this role you will lead the development of the companies Cyber Security Governance Policy and Control Framework in line with industry standards, regulatory requirements and best practices to protect the confidentiality, integrity, and availability across thew company IT and OT assets, software-based products, and applications. As a member of the Cyber Security Strategy, Governance, Assurance and Risk Management team, your main responsibilities are:

• Lead the development and enhancement of the Cyber Security Governance Policy and Control Framework in line with industry standards, regulatory requirements and best practices
• Promote stakeholder consensus on the Governance Policies and Controls to guide good Cyber Security hygiene and staff behaviors across all domains of IT, OT, IoT and software-based products
• Partner with management and assist them in implementing a sustainable Cyber Security Governance program
• Work with business professionals around the globe to raise awareness for and assist them in interpreting the Cyber Security standards
• Conduct Cyber Security audits and control effectiveness reviews (also with external partners) to verify and ensure that stakeholders throughout the company adhere to relevant Cyber Security requirements

Who you are:

• Bachelor’s degree or equivalent in intelligence studies, computer science, engineering or related field.
• Minimum of 5 years’ experience with a focus on industry standards and regulatory requirements (e.g. ISO/IEC 27002, TÜVIT Trusted Site Infrastructure (v4), PCI DSS, CIS CSC, NIST SP 800-64 R2, HIPAA or KRITIS / B3S PHARMA)
• Strong analytical and interpersonal communication skills, including the ability to communicate effectively and build consensus with teams across organizational lines
• Demonstrated experience across multiple information security domains preferred (e.g. IT, OT, IoT and products)
• Expertise in conducting Cyber Security audits (also with external partners) with ability to derive and implement actions in order to close identified gaps in alignment with affected business areas
• 1 or more industry-recognized security, or audit professional certifications (e.g. CISA, CISM, CISSP, CCSP)
• Professional with a positive attitude and capable of contributing to a dynamic and team-oriented culture
• Fluent in English, additional language skills (e.g. German) considered as an advantage

What we offer: We are curious minds that come from a broad range of backgrounds, perspectives, and life experiences. We celebrate all dimensions of diversity. We believe that it drives excellence, innovation, and human progress. We care about our customers, patients, and our rich mix of people. This diversity strengthens our ability to lead in science and technology. We are committed to creating access and opportunities for all and empower you to fulfil your ambitions. Our diverse businesses offer various career moves to seek new horizons. Join us in building a culture of inclusion and belonging that impacts millions and empowers everyone to bring their curiosity to life!

If you would like to know more about what diversity, equity, and inclusion means to us, please visit https://www.emdgroup.com/en/company/press-positions.html

If you are a resident of NYC, Connecticut or Colorado, you are eligible to receive additional information about the compensation and benefits, which we will provide upon request. You may contact 855 444 5678 from 8:00am to 5:30pm ET Monday through Friday, for assistance.

The Company is an Equal Employment Opportunity employer. No employee or applicant for employment will be discriminated against on the basis of race, color, religion, age, sex, sexual orientation, national origin, ancestry, disability, military or veteran status, genetic information, gender identity, transgender status, marital status, or any other classification protected by applicable federal, state, or local law. This policy of Equal Employment Opportunity applies to all policies and programs relating to recruitment and hiring, promotion, compensation, benefits, discipline, termination, and all other terms and conditions of employment. Any applicant or employee who believes they have been discriminated against by the Company or anyone acting on behalf of the Company must report any concerns to their Human Resources Business Partner, Legal, or Compliance immediately. The Company will not retaliate against any individual because they made a good faith report of discrimination.

As an employee of the Company, you will be required to comply with all of the Company’s COVID-19 safety protocols and policies. The organization has currently suspended enforcement of its COVID-19 Vaccination Policy, but that policy may be reinstated by the Company in its discretion.