
Regional IT Risk and Compliance Manager_HC
- Shanghai
- Permanent
- Full-time
- In alignment with the Global IT Risk & Compliance Management Team, definition of a holistic approach for the deployment of IT Compliance (i.e. cross-functional topics: ISP, Cyber Security, Access Management and OneIndustrial IT).
- Planning and performance of regional IT Compliance Assessments (e.g. Security Audits, Risk Analysis).
- In alignment with the Global IT Risk & Compliance Management Team, establishment of an IT Compliance Community (e.g. awareness sessions, trainings, templates) for new Bosch managers and associates.
- Determination and reporting of the IT Compliance status to stakeholders (e.g. Trinity IT Compliance Office, Governance Departments, HC/BV).
- Evaluation of existing IT Compliance standards (e.g. IT self-checks, SOX self-assessments) and solutions (e.g. SAP GRC, LeanIX, WSR, ROPA) and consideration in the integration to the Bosch standards.
- Responsible for the deployment of IT Risk and Compliance Management processes in the regions in scope.
- Identification of vulnerabilities and related risks as well as performance of risk assessments based on valid methods.
- Stakeholder-specific development and reporting of risks.
- Consulting and support in the implementation of sustainable and effective measures for risk mitigation and IT Compliance.
- Responsible for the inventory and appropriate follow-up of risks and respective measures.
- Support in the establishment of a risk culture.
- Continuous improvement of the IT Risk and Compliance Management System.
- Education: Completed (technical) university degree in business administration, process management, business informatics or comparable area.
- Experience: Minimum 8 years of experience in IT Governance, IT Risk Management, IT Audits or IT Compliance. Alternatively, related experience in the deployment of controls in Information Security and Data Protection (ISP), Cyber Security and/or Access Management.
- Know-how: Strong knowledge of the current Bosch IT regulations or leading standards for ISP, Cyber Security, Access Management and/or One.Industrial IT.
- Analytical Capabilities: Strong analytical and conceptual skills to assess complex IT risks and define practical measures.
- Additional Qualifications: Experience in external standards for IT risk management such as ISO31000, ISACA Risk IT or security and audit requirements (e.g. COSO, COBIT, NIST, CIS).
- Personality: Structured and solution-driven working style, willingness to take responsibility, team player with good communication and persuasion skills.
- Language: Fluent in English and local language for APAC (e.g. Chinese, Japanese).
- Enthusiasm: Enjoy new challenges and international cooperation in cross-functional teams, with associated willingness to travel (30%).