Jobs for People with MS: National MS Society

Mobile National MS Society Logo

Job Information

Grundfos Lead Security Architect in Almere, Netherlands

Lead Security Architect

  • Apply Now

  • Start applying with LinkedIn

  • Please wait...

Job Description

Are you dedicated to cyber security management and looking for an opportunity in a global organization developing solutions for sensitive utility services and critical infrastructure? Join a committed Digital Architecture team at Grundfos.

At Grundfos, we develop state-of-the-art reliable, sustainable water management technology for public, private and commercial use. We rely on intelligent digital solutions and security is a key priority.

As Lead Security Architect, you will support our project teams across the product portfolio. We are looking for people with lead capacity within OT (embedded & Linux) or IT (cloud & digital offerings).

We are an international organization operating globally and in this role, you may be located in Benelux or Scandinavia working remotely with regular travel to the headquarters in Denmark.

Job Purpose

The main purpose is to:

  • Establish and Enhance Security Frameworks: Support the implementation, maintenance, and continual improvement of the Grundfos Information Security Management System (ISMS), ensuring comprehensive security for digital assets.

  • Enforce Robust Risk Management: Develop and enforce a rigorous risk management regime that conducts, coordinates, registers, documents, and reports relevant information security risks.

  • Incident Management and Response: Ensure effective responses to and management of information security incidents, minimizing impact and ensuring swift recovery.

  • Promote Secure Development Practices: Foster a culture of secure development within the software development divisions, aligning with industry standards and best practices.

  • Collaboration and Compliance: Work closely with cross-functional teams to ensure compliance with legal, regulatory, and industry standards, contributing to the overall security posture of Grundfos.

Key Activities

Your key areas of responsibility will include:

  • Conduct assessments of projects and third-party vendors to ensure alignment with established cybersecurity standards and frameworks.

  • Stay abreast of the latest cyber threats and vulnerabilities affecting OT and IT, and develop strategies to counteract these risks effectively.

  • Ensure all development activities comply with IEC 62443-4-1, ISO 27001 and ISO 15288 standards, fostering a secure development lifecycle.

  • Oversee and enhance information security processes in line with the Grundfos Information Security Management System (ISMS).

  • Identify, document, and monitor cybersecurity risks, maintaining comprehensive risk registers and facilitating the development of risk treatment plans for development teams.

  • Manage and track identified product vulnerabilities, coordinating response and disclosure efforts as per Grundfos policy.

  • Handle and complete third-party security questionnaires related to information security and risk assessments from suppliers and clients.

  • Develop, implement, and execute incident response to address and mitigate security incidents effectively.

  • Assist with penetration testing, threat modelling, and review of product security documentation to ensure robust security measures are in place.

  • Collaborate with the Application Security (AppSec) program to provide expertise, support, and training within cybersecurity topics, ensuring product compliance with standards like ISO27001, IEC62443, CRA, RED DA, and others. Facilitate the deployment and management of security tools, perform recurring assessments, and coordinate the response to cybersecurity incidents.

  • Conduct regular training sessions and awareness programs for development teams to promote a culture of cybersecurity vigilance and best practices.

  • Collaborate with cross-functional teams to develop and update cybersecurity policies and procedures, ensuring they are relevant and effective.

  • Continuously evaluate and improve existing security measures, leveraging new technologies and methodologies to enhance overall security posture.

  • Ensure ongoing compliance with applicable legal, regulatory, and industry standards, conducting periodic audits and assessments as required.

  • Work closely with other departments, including IT, legal, and compliance, to ensure a unified approach to cybersecurity. Provide regular reports on security status and initiatives to senior management.

Requirements

We are looking for a person with a good understanding of cyber security and familiar in creating and nurturing security awareness and understanding across technical functions and businesses.

We imagine that you have:

  • A relevant technical degree related to Information Security, Computer Science, or Cybersecurity.

  • More than 5 years of experience with identifying, assessing, and managing information security risks related to relevant assets.

  • Experience with the technical context of IT systems, network security, encryption, and other technical aspects of information security within the fields of OT (embedded & linux) or IT (cloud & digital offerings).

  • Understanding of cybersecurity in the scope of an end-2-end architecture within software development environments.

  • CISSP, CISM, CISA, CSSLP, or similar certifications is a plus.

  • Proficiency in security tools, forensic analysis, and incident detection and response technologies and methods.

  • Familiar with legal and regulatory requirements related to data protection and incident reporting.

  • Strong analytical skills for incident investigation, data analysis, and threat identification.

  • Excellent communication and cross-collaboration skills.

  • Proficiency in English.

Additional information

If this job sounds appealing to you, please send your resume and cover letter as soon as possible. We will invite for interviews on an ongoing basis.

We look forward to hearing from you.

If you want to dive deeper into the Grundfos universe, please visit us onLinkedIn (http://www.linkedin.com/company/5195) orYouTube (http://www.youtube.com/watch?v=zwY54t455CU) .

  • Apply Now

  • Start applying with LinkedIn

  • Please wait...

Information at a Glance

Job Details

Application deadline:

Workplace: Onsite Position

Job Location: Bjerringbro, Midtjylland, Denmark | Aartselaar, Antwerpen, Belgium | Almere, Flevoland, Netherlands | Oslo, Oslo, Norway | Stockholm, Stockholms län, Sweden

Contract Type: Full-Time

Employment Type: Regular

DirectEmployers