What's the role?
You will be part of the Global Cyber Risk, Control & Assurance team and take end-to-end ownership for all aspects of IT & Cyber Risk Management at Hilti. As a product owner, your role is to provide thought leadership to infrastructure teams, application teams, decision makers. This is a very versatile and important role in our Line of Defense 2, covering all risk aspects of IT, OT and IoT.
This full-time position is available as soon as possible.
Who is Hilti?
Join Hilti – A Great Place to Work 2024 & ranked as Asia’s 4th Best Workplaces.
At Hilti, innovation drives everything we do. We’re committed to improving productivity, safety, and sustainability in the global construction industry and beyond. Our strong customer relationships help us create solutions that truly build a better future . With over 120 locations worldwide , we take pride in fostering a deep sense of belonging that extends into our lives and homes.
At Hilti Asia IT Services , we’re at the forefront of digital transformation in construction, aligned with our mission of Making Construction Better . As the IT backbone of Hilti, we empower over 34,000 employees across 120+ countries, delivering cutting-edge solutions to enhance productivity globally.
Based in Malaysia , we collaborate with global teams, utilizing the latest technologies in software development, analytics, IT infrastructure, and design engineering to drive transformative initiatives.
Our people are our greatest strength, and our Great Place to Work 2024 recognition celebrates our commitment to a culture that values care, performance, and innovation . We offer competitive rewards and comprehensive career development opportunities that ensure your success is our priority.
Come be a part of our journey and make a lasting impact!
What does the role involve?
You identify and assess threats and translate them into relevant risk scenarios, providing transparency to risk owners and other stakeholders. You propose risk mitigation actions aligned with our cyber risk appetite and manage them in our GRC tool, for which you will assume ownership. You own and mature the cyber risk, control and process framework and bring it to the next level. You will be responsible for proactively conducting risk assessments of business areas, platforms, processes and third parties. You work closely together with your fellow cyber risk officers on risk and control activities. You liaise and collaborate with all of the 3 Lines of Defense. You train internal stakeholders in the best practices for IT & cyber risk management. You have the authority to raise risks toward respective risk owners and produce relevant metrics and periodical risk reports for different audiences. You have a positive, critical but solution-oriented mindset.
Many are often surprised to know that a manufacturing company such as Hilti has a cybersecurity team. With our offerings of hardware, software, and services to enable digitalization in the construction industry, the Cybersecurity team's top priority is to keep Hilti secure. We are a global, interdisciplinary team covering all domains to protect Hilti from cyber-attacks.
What do we offer?
At Hilti, we believe in a caring and performance-oriented culture. Our people are our greatest strength, and our Great Place to Work 2024 recognition celebrates our commitment to a culture that values care, performance, and innovation. We offer competitive rewards and comprehensive career development opportunities that ensure your success is our priority.
Click on the link to know more: Kuala Lumpur | Hilti Careers
What you need is:
- Bachelor’s degree in computer science, software development, cybersecurity, risk management or related discipline, a Master’s Degree is an advantage for this position
- 5+ years’ experience practical hands-on working experience in IT & cyber risk management
- Proven subject matter expertise in multiple fields of qualitative and/or quantitative IT & cyber risk management, e.g. risk governance, risk identification, risk analysis, risk assessment, risk mitigation, risk reporting
- Knowledge of relevant frameworks (ISO, NIST, ISF SoGP) and best practices (Risk IT, IRAM2) as well as relevant regulatory frameworks (NIS2, CRA, GDPR, AI Act)
- One or more of the following: CISSP, CISM, CISA, CRISC or another relevant certification
Why should you apply?
You strongly believe that cybersecurity is a business enabler and that there is no digital transformation without taking care of the IT & cyber risks that come along. You understand the importance of communicating IT & cyber risks to relevant stakeholders in a language that they can relate to. You are interested in exploring new cyber threats and technological trends (e.g. AI, quantum,) and what risks they pose to organizations. You work in both classic IT and IoT as well as OT environments, where we expect great technological progress. You are able to adapt quickly to changing environments and risk landscapes and can create risk frameworks accordingly. You feel confident in communicating with senior management on risks and threats.
Does this sound like you? We look forward to your application! We look forward to your application! For further questions, please feel free to contact Monica Garcia-Santos , Monica.GarciaSantos@hilti.com.
Hilti is an equal opportunity employer.
