IT Security & Compliance Manager

Smurfit Kappa is one of the leading European manufacturers of paper-based packaging. In the cluster RPE Recycled Paper East) they produce with their 1.700 employees approximately 2.2 million tons of containerboard for the Central European market. Their 7 Paper & Board mills and 2 internal companies for
shared services and logistics are located in Germany, Czech Republic and The Netherlands.
Reporting to the ICT Operations Manager, the IT Security & Compliance Manager is responsible for the implementation of the IT controls, Framework, compliance monitoring and support of all paper & board mills within the RPE cluster and for the perpetual security monitoring of critical security components across their
IT infrastructure and systems. Amongst other duties the IT Security & Compliance Manager will assess security/cyber risks and identify and report security weaknesses.

Main Tasks/Key Accountabilities/Responsibilities

• Hold overall responsibility for an effective and efficient implementation of the risk-based IT Controls Framework that governs all IT operations across RPE, ensuring that it remains aligned with the Group’s compliance obligations and security challenges and is proportionate to risk, enforceable and manageable by sites;
• Oversee IT compliance monitoring and support to attain the highest possible standards of compliance across RPE, reflected also through strong internal and external audit outcomes;
• Oversee security monitoring, security threat alerting and vulnerability reporting for central and relevant local infrastructure and systems;
• Ensure that effective and coordinated mechanisms are in place for reporting and responding to any security incidents that might affect the business – for example phishing, malware attacks and data breaches – and that all participants and stakeholders are aware of and equipped to follow the plans;
• Maintain high levels of security awareness across the entire workforce form shop floor to (senior) management, by delivering timely relevant material with content and format most appropriate to each audience. Ensure that awareness is aligned with prevailing security and cyber threats to the business;
• Provide appropriate support to both auditors and auditees during internal and external IT audits.

Key Competencies/Qualifications/Requirements

• Bachelor’s or Master degree and equivalent experience with relevant industry certifications;
• 5+ Years working experience in the Information Security & Compliancy or related field;
• Experience with common Information Security management frameworks;
• Familiarity with current legal and regulatory security compliance programs including but not limited to GDPR;
• In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls;
• Good knowledge of Cyber Security principles, IT protocols and experience working with various reporting IT tools/systems and IT industry service management frameworks;
• Good understanding of technical and infrastructural security concepts, procedures and test methods is an advantage;
• Possesses strong analytical skills with the ability to analyse complex documents, interpret their relevance and convey complex technical concepts to a non-technical audience;
• Team player with a ‘can-do’ attitude and with a drive to continuously improve;
• Willing to travel frequently;
• Awareness of the environment and sensitivity to the organisation;
• Excellent writing and verbal communication skills are required. Fluency in English is a must and preferably in German;
• Maintain high levels of security awareness across the entire workforce form shop floor to (senior) management, by delivering timely relevant material with content and format most appropriate to each audience. Ensure that awareness is aligned with prevailing security and cyber threats to the business;
• Provide appropriate support to both auditors and auditees during internal and external IT audits.

Additional information

Remuneration Package: Competitive and in line with market expectations. Variable bonus is applicable.

Interested?

If you are interested in this vacancy, please send your resume and cover letter to Nicole de Jong, nicole@internetwerving.nl.

Smurfit Kappa Roermond  heeft het recruitment proces uitbesteed aan I-recruiting B.V. Dat betekent dat het eerste telefonische contact met I-recruiting zal zijn. Indien u in het functieprofiel past, wordt uw CV (inclusief gespreksverslag) doorgestuurd naar Smurfit Kappa Roermond. Zij zullen eventuele vervolggesprekken met u voeren.