GDS/BA- Senior Specialist Cyber Security Strategy Architecture (m/f/d)

• Cyber Security Architecture and Strategy develops strategies and coordinates solutions to improve the security and data privacy level of BASF.  

• This role advises executives, consults and coordinates the implementation of improvements and monitors progress of the data privacy & cyber security landscape. 

• Consultation on projects and initiatives to ensure that appropriate security measures are taken in relation to the criticality of processing personal data. 

• Integrate "Privacy by Design", "Privacy by Default" and Data subject rights into the design and development of systems, applications, and processes. This includes the use of privacy-friendly technologies throughout the product/project lifecycle, from design to deployment. 

• Development of best practices in the project environment regarding data protection in collaboration with the Data Protection Office. 

• Development and evaluation of security & data privacy requirements in consultation with all strategic business areas, Enterprise Architecture and the data protection organization 

• Responsible for initiation of security projects and the role of professional caretaker for such 

• Steers suppliers to ensure compliance with BASF security requirements; further, conducts escalation and solution of security breaches and deviations  

• Active participation in industry networks of colleagues to discuss special topics and developments. Integrates the findings of those discussions into his/her evaluations  

• Communication and coordination with various internal stakeholders and communities to raise awareness for the security & data privacy strategy and to add value for the business strategy. Active exchange of knowledge and collaboration across teams within the IT- organization  

• Development and evaluation of measures to reduce identified security & data privacy risks, which have been construed from future threats.  

• Evaluation of possibilities to improve business and innovations through secure technologies; integration into strategic business requirements  

• Structure and evaluation of various innovative technologies with reference to security & data privacy in business environments (e.g. Internet of Things, Big Data & Cyber Security analytics, Cloud)  

• Analysis of drafts of the security architects in conjunction with the Enterprise Architecture Security domain as a basis for the development of technical solutions within IT- projects. Support for the development of security standards, which apply for all technologies of the IT- and product portfolio.  

Completed Master's degree or comparable in the field of IT, e.g.: 

• Business Informatics 

• Industrial Engineering 

• Computer Science 

• IT Security 

Professional experience: 

• At least 5 years in comparable positions 

Practical experience: 

• Fast comprehension, strong conceptual and analytical skills and a sense for situational solutions 

• Experience with relevant data protection regulations 

• Strong technical knowledge and fundamentals of IT/OT security e.g. network segmentation, firewalls, endpoint security, anomaly detection 

• Above-average knowledge of data protection law as well as a passion for data protection. 

• Passion to cooperate in an international (regulatory) environment 

• Cyber security architecture and consulting 

• Knowledge of Zero Trust principles desired 

• Evaluation and implementation of new cyber solutions  

• Knowledge of common security standards is an advantage e.g. NIST, ISO27000 

Other qualifications - Proficient language skills: 

• Business fluent English (at least B2) and German language skills 

Other qualifications - IT skills: 

• Solid knowledge of MS-Office 

• ISO 27001 is an advantage 

• Basic understanding of business and IT processes 

Other qualifications - Certifications are an advantage: 

• CISSP 

• CISM 

• CCSP 

• IAPP - CIPP/E, etc 

 Competencies