Information Security Governance Specialist (mfd)

Bruker is a leading global manufacturer of analytical measurement systems for the life and material sciences. For more than 60 years Brukers high-performance scientific instruments and analytical and diagnostic solutions have empowered scientists to study living things and substances at the molecular cellular and microscopic levels. Working closely with its customers Bruker drives innovation productivity and customer success in molecular research in life sciences pharmaceutical applications microscopy nano-analysis and industrial applications.

Today more than 11 000 employees in over 100 locations on all continents are working on solutions to these challenges. Bruker continues to expand its extensive product and solution offerings its broad installed base and its reputation with customers. As one of the worlds leading analytical instrument companies Bruker continues to strive to fully meet the needs of its customers and to continue to develop state-of-the-art technologies and innovative solutions for todays analytical challenges.

• Develop maintain and continuously improve information security policies standards and guidelines in line with recognized frameworks and regulations (e.g. ISO/IEC 27001 NIST GDPR).
• Monitor compliance with information security governance requirements and support internal and external audits assessments and management reviews.
• Conduct information security and compliance risk assessments identify gaps and recommend remediation actions.
• Provide expert guidance on information security governance data protection and privacy-related topics.
• Collaborate with IT business and compliance stakeholders to ensure security governance is aligned with business and technology strategies.
• Support third-party risk management activities by reviewing vendor security practices and contractual security requirements.
• Track analyze and report governance risk and compliance metrics to provide visibility to senior management.
• Contribute to incident response and lessons-learned activities from a governance perspective ensuring outcomes are reflected in policies and frameworks.
• Support security awareness and training initiatives focused on governance risk and compliance topics.
• Stay up to date with emerging regulations threats and industry best practices proactively incorporating them into governance processes.
• Act as a point of contact for auditors regulators and other external stakeholders on governance-related matters.

• Bachelors degree in Information Security Computer Science Information Technology or a related discipline.
• 35 years of experience in information security governance risk and compliance (GRC) roles.
• Strong knowledge of information security and governance frameworks such as ISO/IEC 27001 NIST COBIT and ITIL.
• Experience with GRC tools (e.g. OneTrust or similar platforms) and risk assessment methodologies.
• Understanding of data protection and privacy regulations including GDPR.
• Professional certifications such as CISA CRISC CISSP or ISO/IEC 27001 Lead Implementer are highly desirable.
• Strong analytical and organizational skills with the ability to manage multiple priorities.
• Excellent communication and interpersonal skills with the ability to engage effectively with stakeholders at various levels.
• Proficiency in Microsoft Office tools particularly Excel and PowerPoint for reporting and presentation purposes.