Head of Cyber Enablement and Compliance

Merck, Burlington, MA
Hybrid

About The Position

As the Head of Cyber Enablement and Compliance, you play a pivotal role within the MilliporeSigma Life Science (LS) Cyber Security team, reporting directly to the LS CISO. Your responsibilities include tailoring corporate cyber security structures to MilliporeSigma LS business needs, supporting on an operational level, and ensuring constant alignment with MilliporeSigma LS corporate Cyber Security. Your role is crucial in protecting MilliporeSigma LS information assets and maintaining a robust cyber security posture.

Requirements

  • Professional with a positive attitude and capable of contributing to a dynamic and team-oriented culture
  • Bachelor’s Degree or equivalent in Computer Science, Engineering or related field required, Master’s degree/MBA is preferred
  • A minimum of 8 years of experience in information security
  • At least 3 years in a leadership role focused on cyber security governance, risk management, and compliance
  • Proven experience in developing and implementing cyber security policies, procedures, and standards
  • Familiarity with legal, regulatory, and industry standards and requirements
  • Extensive experience in developing and implementing risk management frameworks, conducting risk assessments and managing third-party security risks
  • Strong background in regulatory compliance, including conducting and managing audits
  • Knowledge of IT and OT infrastructure, architecture, and security tools
  • Strong analytical and problem-solving skills with the ability to assess complex security issues and develop effective solutions
  • Excellent verbal and written communication skills in English, capable of conveying complex security concepts to non-technical stakeholders
  • Strong interpersonal skills and the ability to work collaboratively with cross-functional teams and external partners
  • Broad knowledge of project management methodologies; experience managing complex, multi-stakeholder initiatives; ability to design and implement process improvements

Nice To Haves

  • Understanding of the specific security challenges and regulatory requirements of the Life Science, Healthcare or Pharmaceutical industry, including production facilities, is a plus
  • One or multiple information security certifications such as CISM, CISA, CISSP, relevant ISO certification, Sarbanes-Oxley, Data Privacy laws, or PCI is a plus

Responsibilities

  • Develop and enhance cyber risk management, compliance, and governance frameworks, aligning with industry best practices and regulatory requirements.
  • Support the LS CISO in the design, implementation and continuous improvement of the Cyber Security strategy at LS.
  • Integrate cyber risk into LS business risk management strategy.
  • Lead teams in developing and maintaining cyber security procedures, standards, and risk management frameworks, including third-party security risks
  • Ensure compliance with legal, regulatory, and industry standards and requirements (e.g. ISO/IEC 27001/27002, NIST CSF, NIS2, CRA, IEC 62443, PCI DSS, GDPR)
  • Implement a comprehensive cyber security training and awareness program.
  • Measure and adjust awareness program effectiveness.
  • Provide strategic guidance for advanced IT/OT and cyber risk management practices
  • Oversee risk mitigation efforts, including third-party alignment with defined risk appetite
  • Collaborate with LS CISO, corporate Cyber Security, and Regional and Site Cyber Security Managers
  • Evaluate third-party vendors' security posture
  • Develop KPI frameworks, dashboards, and reports.
  • Present risk-related reports to senior leadership.

Benefits

  • Benefits offered by the Company include health insurance, paid time off (PTO), retirement contributions, and other perquisites.