Lead Security Architect

Application deadline:

Workplace: Onsite Position

Job Location (Short): Bjerringbro, Midtjylland, Denmark | Aartselaar, Antwerpen, Belgium | Almere, Flevoland, Netherlands | Oslo, Oslo, Norway | Stockholm, Stockholms län, Sweden

Contract Type: Full-Time

Employment Type: Regular

Are you dedicated to cyber security management and looking for an opportunity in a global organization developing solutions for sensitive utility services and critical infrastructure? Join a committed Digital Architecture team at Grundfos.

At Grundfos, we develop state-of-the-art reliable, sustainable water management technology for public, private and commercial use. We rely on intelligent digital solutions and security is a key priority.

As Lead Security Architect, you will support our project teams across the product portfolio. We are looking for people with lead capacity within OT (embedded & Linux) or IT (cloud & digital offerings).

We are an international organization operating globally and in this role, you may be located in Benelux or Scandinavia working remotely with regular travel to the headquarters in Denmark.

Job Purpose

The main purpose is to:

• Establish and Enhance Security Frameworks: Support the implementation, maintenance, and continual improvement of the Grundfos Information Security Management System (ISMS), ensuring comprehensive security for digital assets.

• Enforce Robust Risk Management: Develop and enforce a rigorous risk management regime that conducts, coordinates, registers, documents, and reports relevant information security risks.

• Incident Management and Response: Ensure effective responses to and management of information security incidents, minimizing impact and ensuring swift recovery.

• Promote Secure Development Practices: Foster a culture of secure development within the software development divisions, aligning with industry standards and best practices.

• Collaboration and Compliance: Work closely with cross-functional teams to ensure compliance with legal, regulatory, and industry standards, contributing to the overall security posture of Grundfos.

Key Activities

Your key areas of responsibility will include:

• Conduct assessments of projects and third-party vendors to ensure alignment with established cybersecurity standards and frameworks.

• Stay abreast of the latest cyber threats and vulnerabilities affecting OT and IT, and develop strategies to counteract these risks effectively.

• Ensure all development activities comply with IEC 62443-4-1, ISO 27001 and ISO 15288 standards, fostering a secure development lifecycle.

• Oversee and enhance information security processes in line with the Grundfos Information Security Management System (ISMS).

• Identify, document, and monitor cybersecurity risks, maintaining comprehensive risk registers and facilitating the development of risk treatment plans for development teams.

• Manage and track identified product vulnerabilities, coordinating response and disclosure efforts as per Grundfos policy.

• Handle and complete third-party security questionnaires related to information security and risk assessments from suppliers and clients.

• Develop, implement, and execute incident response to address and mitigate security incidents effectively.

• Assist with penetration testing, threat modelling, and review of product security documentation to ensure robust security measures are in place.

• Collaborate with the Application Security (AppSec) program to provide expertise, support, and training within cybersecurity topics, ensuring product compliance with standards like ISO27001, IEC62443, CRA, RED DA, and others. Facilitate the deployment and management of security tools, perform recurring assessments, and coordinate the response to cybersecurity incidents.

• Conduct regular training sessions and awareness programs for development teams to promote a culture of cybersecurity vigilance and best practices.

• Collaborate with cross-functional teams to develop and update cybersecurity policies and procedures, ensuring they are relevant and effective.

• Continuously evaluate and improve existing security measures, leveraging new technologies and methodologies to enhance overall security posture.

• Ensure ongoing compliance with applicable legal, regulatory, and industry standards, conducting periodic audits and assessments as required.

• Work closely with other departments, including IT, legal, and compliance, to ensure a unified approach to cybersecurity. Provide regular reports on security status and initiatives to senior management.

Requirements

We are looking for a person with a good understanding of cyber security and familiar in creating and nurturing security awareness and understanding across technical functions and businesses.

We imagine that you have:

• A relevant technical degree related to Information Security, Computer Science, or Cybersecurity.

• More than 5 years of experience with identifying, assessing, and managing information security risks related to relevant assets.

• Experience with the technical context of IT systems, network security, encryption, and other technical aspects of information security within the fields of OT (embedded & linux) or IT (cloud & digital offerings).

• Understanding of cybersecurity in the scope of an end-2-end architecture within software development environments.

• CISSP, CISM, CISA, CSSLP, or similar certifications is a plus.

• Proficiency in security tools, forensic analysis, and incident detection and response technologies and methods.

• Familiar with legal and regulatory requirements related to data protection and incident reporting.

• Strong analytical skills for incident investigation, data analysis, and threat identification.

• Excellent communication and cross-collaboration skills.

• Proficiency in English.

Additional information

If you have questions or want to know more about the position, please contact Patrick van Beers, Head of Digital Architecture, at pbeers@grundfos.com.

If this job sounds appealing to you, please send your resume and cover letter as soon as possible. We will invite for interviews on an ongoing basis.

We look forward to hearing from you.

If you want to dive deeper into the Grundfos universe, please visit us onLinkedIn (http://www.linkedin.com/company/5195) orYouTube (http://www.youtube.com/watch?v=zwY54t455CU) .

About Grundfos

Grundfos is one of the world’s leading water technology companies with more than 19.000 employees in 60+ countries all over the world. Our skills commit us to pioneering solutions to the world’s water and climate challenges and improve the quality of life for people. We dare to do things that others cannot or dare not do, as we believe innovation is not only a business opportunity, but an obligation. And what really matters to us is not short term profit, but the impact we make. By becoming part of our united powerful team, you too can drive this change no matter your role.

An inclusive team

We believe that the key to a work environment, where employees thrive and grow, is our ability to celebrate and value our differences in background, experiences and perspectives. In our recruitment process we welcome all professional people without consideration of age, colour, gender identity, national origin, physical or mental disability, ethnicity or religion.