Cybersecurity Analyst (IRM)

About Fisker Inc.

California-based Fisker Inc. is revolutionizing the automotive industry by developing the most emotionally desirable and eco-friendly electric vehicles on Earth. Passionately driven by a vision of a clean future for all, the company is on a mission to become the No. 1 e-mobility service provider with the world’s most sustainable vehicles. To learn more, visit www.FiskerInc.com – and enjoy exclusive content across Fisker’s social media channels: Facebook, Instagram, Twitter, YouTube and LinkedIn. Download the revolutionary new Fisker mobile app from the App Store or Google Play store.

The Cybersecurity Analyst is responsible for administration and optimization of cybersecurity governance, risk, and compliance services for the enterprise and its vehicle product. The Cybersecurity Analyst assists with the evaluation, rationalization, development, and enforcement of controls in the context of ISO27001, ISO21434, SOX, GDPR, PIPL and other national and international cybersecurity and data protection requirements.

Role Overview:

  • Cybersecurity Policy Management and Maintenance

  • Cybersecurity Training & Awareness Campaigns

  • Cybersecurity Regulatory & Policy Compliance Program

  • Cybersecurity Risk Assessment

  • Privacy and Data Protection Initiatives

  • Participate in understanding the enterprise objectives and translating them into annual cybersecurity & data protection strategy, roadmap, and objectives.

  • Work with the business, CISO, and cybersecurity management to understand compliance gaps, requirements, and technical needs and translate them into standard processes and configurations.

  • Participate in establishing and maintaining security and privacy policies, baselines, standards, checklists, and processes.

  • Participate in establishing a strong and effective Cybersecurity & Data Protection Governance model and instituting a sound GRC platform based on a unified security compliance model.

  • Participate in the execution of enterprise-wide cybersecurity & data protection awareness programs with an objective to enhance staff awareness levels.

  • Participate in establishing and maintaining cybersecurity & data protection KPIs and metrics and risk register.

  • Participate in maintaining overall cybersecurity & data protection remediation plans and managing waivers and exceptions.

  • Participate in cybersecurity & data protection process assessment and optimization.

  • Coordinate and prepare management reporting.

  • Participate in identifying and keeping track of cybersecurity & data protection compliance mandates and work with governance in the creation, implementation, and maintenance of appropriate procedures to be compliant with all applicable regulations, e.g., supplier risk assessments.

  • Responsible for identifying compliance gaps and recommending, implementing, and maintaining technical and procedural controls to enable regulatory compliance in the most reasonable and cost-effective manner.

  • Liaise with other business lines and support divisions in the implementation of regulatory compliance requirements.

  • Responsible for tracking audit findings and recommendations to ensure that appropriate mitigation actions are taken while supporting necessary compliance activities.

  • Participate in the management of critical cybersecurity & data protection compliance programs including ISO 27001, ISO21434, NIST CSF and compliance mandates from UNECE and other global mandates for cybersecurity and privacy.

  • Responsible for supporting external and internal IT/backend IT infrastructure, audit activities for ISO 27001, ISO21434, and SOX compliance.

  • Participate in understanding and interpreting emerging and evolving data protection and privacy standards and translating them into updates for policy and compliance programs.

Skill Requirements:

  • Ability to interface with all levels within the organization and provide input to facilitate decisions.

  • Analytical skills and ability to formulate, articulate, and present recommendations.

  • Familiarity with issues relevant to cyber risk management in the mobility industry.

  • Ability to multi-task and prioritize in a fast-changing environment.

  • Ability to relate business requirements and risk to technology and process implementation for security and privacy management issues.

  • Ability to maintain a detail-oriented approach while multitasking in a fast-paced environment.

  • Highly organized, self-motivated, and accountable.

  • High aptitude for learning and the ability to quickly and effectively handle tasks that require initiative and sound judgment.

  • Excellent English written and verbal communication skills.

  • Strong problem-solving and technical writing skills.

  • Understands the need for collaboration, and consistently practices effective teamwork with others.

  • Capable of prioritizing and managing projects, assignments, and tasks to completion with minimal supervision.

Educational Requirements:

  • Bachelor’s degree (BS) in MIS, IT, Information Security, Risk Management or related field (MBA is a plus)

  • Professional Cybersecurity and/or Privacy Certification (CISSP, CIPP, CRISC) desirable, or the ability to obtain one in the first 6 months after hire.

  • 5+ years in Information Security or Privacy/Regulatory Compliance field or Juris Doctor Degree.

  • Strong knowledge and awareness of Corporate Governance and Risk Management methodologies.

  • Excellent knowledge of information security, related business processes, and control objectives.

  • Knowledge of information security and privacy standards, codes of practice and guidelines.

  • Project management skills, including financial/budget management, scheduling and resource management; PMP or related certification is a plus.

  • Good understanding of generally accepted IT security and privacy audit procedures and standards

  • Good knowledge of information security concepts, methodologies and best/leading practices.

Organization: 
Fisker Inc