GF_IT-E406
Cyber Security Consultant - Full Time - Pune, India
Sulzer is a leading engineering company with a proud heritage of innovation. Join our global team to grow your expertise and develop innovative solutions that enable a prosperous and more sustainable society.
We are looking for a Cyber Security Consultant to join our GF_IT team in India.
Your main tasks and responsibilities:
- Collaborate on the design, implementation, and maintenance of our cutting-edge Third-Party Risk Management System and process, and maintain the full landscape of third-party cyber security risks associated with the different solutions and systems. This requires analyzing the vendor and solution posture, and being able to read and interpret data flow and architecture diagrams of the solutions, before they are implemented in Sulzer systems.
- Collaborate on the design, implementation, and maintenance of our cutting-edge Information Security Management System (ISMS).
- Contribute to the development and management of all ISMS documentation such as security policies, standards, guidelines, and procedures. Work closely with our team on cyber security compliance exceptions, risk assessments, GRC tickets, and changes.
- Ensure the compliance alignment of Sulzer with different directives, standards, laws and regulations, with a global scope.
- Continuously monitor our policies, standards, directives, and guidelines to keep them aligned with our Cybersecurity Core framework (based mainly on NIST CSF 2.0, IEC 62443 and NIS2).
- Perform, and support the team in executing, cyber security risk assessments and control framework assessments, aligning them with industry standards.
- Help in the design of the cyber security and GRC monitoring system, designing KPIs, KRIs, KCIs and other indicators to evaluate and monitor Sulzer's cyber security posture.
- Support cybersecurity audits and assessments from different customers or legal entities.
- Play a key role in disaster recovery reviews, ensuring our systems are resilient and can withstand unforeseen challenges.
- Engage in reviews of vendors, suppliers, as well as contracts, data flow diagrams and questionnaires to guarantee alignment with security standards.
- Conduct gap analyses (framework vs. directives and regulations) to prioritize security initiatives, as well as to check the alignment of systems and factories with our cyber security core framework.
- Support and conduct vulnerability scans and reviews to design remediation plans with the involved stakeholders.
- Collaborate with executives to prioritize regional or global security initiatives and the cyber security awareness and training plan, and apply risk management methodologies.
To succeed in this role, you will need:
- Bachelor’s in computer science with 5-8 years of relevant work experience.
- Security certificates in the area of Governance, Risk and Compliance (Risk Management, NIST Cybersecurity Framework and Controls, NIS2 Directive, ISO 22301, ISO 27005, ISO 31000, IEC 62443, and other directives and standards, e.g. ISO 27001, GDPR, etc.).
- Proficiency in Windows-based operating systems and networks, with the ability to analyze security issues, detect gaps and security threats.
- Knowledge of security architecture, to be able to develop Third-Party Risk Management analysis of the solution.
Sulzer is an equal opportunity employer. We believe in the strength of a diverse workforce and are committed to offering an inclusive work environment.
We are proud to be recognized as a Top Employer 2025 in Brazil, China, Finland, Germany, Ireland, Switzerland, South Africa, the UK and the USA.