HR Security and Compliance Analyst - Barcelona, España - Schneider Electric Norge AS

Descripción

About the role: As an HR Security and Compliance Analyst, main role is to Support Security, and Privacy solutions for HR processes in Schneider Electric and play a crucial role in risk analysis and assessment of applications supporting these HR processes.

Essential Day-to-Day Responsibilities:

• As Security and Compliance Analyst, understanding of security policies, standards, and procedures in accordance with organization goals.
• Evaluate and advise on the implementation and effectiveness of the cybersecurity safeguards to ensure that they provide the intended level of protection.
• Perform risk assessments to identify gaps in compliance to information security standards and policies and devise strategies and implement controls to minimize the risk.
• Proactively identify risks and escalate to stakeholders. Data security governance, data classification, data security design, security management, personal information compliance and protection consulting.
• Support Privacy / Security issues with risk identification and action plan.

Required Skills (Must Have) Along with Necessary Industry Experience

General

• Knowledge in information security and hands-on experience with key components of cybersecurity
• Security governance, risk and compliance,
• Security Awareness, Experience in working independently or as part of a large team to delivery Cyber services on its own or within large complex projects.
• Practical experience with conducting risk assessments and testing of controls
• Excellent analytical skills and knowledge of data analytics methods
• Conducting Risk Assessments, analyze and document assessments, work out questionnaires and standard documentation.
• Supporting the standardization of Risk and IT Control catalogues for regulatory compliance.
• Deploy processes and tools to help detect and prevent privacy breaches.
• Knowledge on Data leak prevention tools and implementation of endpoint protection.
• Extensive knowledge in GDPR regulation and its requirements. Supporting and guide the team in adhering to the complex web of relevant national and international regulations.
• Ensuring a harmonized approach towards data protection and privacy by bringing together our stakeholders (e.g. legal, compliance, risk, HR, security, business functions...).
• Experience of working through Agile methodology
• Excellent Communication and presentation skills
• Good Exposure towards working in highly matrixed setup of Global MNCs

Skills Required

• Functional Expertise on any HCM solution and associated applications – Global HR, Application Security & Compensation.
• At least 5 years of sound industry experience in one or more of the following areas: cyber strategy and knowledge in Information security, privacy governance, assessment, remediation, policies, procedures, data retention concepts and Data Classification implementation knowledge,
• Good understanding of RBAC/ABAC
• Security policies and procedures, design and implementation of security policies, procedures, standards, and controls in line with regulation and/or current standards
• Data privacy, implementation of data protection / GDPR programs to address confidentiality and security over customer, employee, or patient data.

Find out if this role might be your next role– take charge, act like owners and discover your next step.

Why us?

Schneider Electric is leading the digital transformation of energy management and automation. Our technologies enable the world to use energy in a safe, efficient and sustainable manner. We strive to promote a global economy that is both ecologically viable and highly productive.

€34bn global revenue

employees in 100+ countries

45% of revenue from IoT

5% of revenue devoted for R&D

You must submit an online application to be considered for any position with us. This position will be posted until filled

It is the policy of Schneider Electricto provide equal employment and advancement opportunities in the areas of recruiting, hiring, training, transferring, and promoting all qualified individuals regardless of race, religion, color, gender, disability, national origin, ancestry, age, military status, sexual orientation, marital status, or any other legally protected characteristic or conduct. Concerning agencies: Schneider Electric does not accept unsolicited resumes and will not be responsible for fees related to such.