Fieldwire by Hilti

Head of Information Security, GRC

Fieldwire by Hilti

full-time

Posted on:

Location Type: Hybrid

Location: Austria

Visit company website

Explore more

AI Apply
Apply

Job Level

Lead

Tech Stack

CloudCyber SecuritySDLC

About the role

  • Develop and implement Hilti’s Construction SW security program.
  • Lead and oversee the Construction SW security team and the Product BISOs.
  • On top, act as Product BISO for On!Track.
  • Identify and assess product security risks and threats.
  • Implement security policies and procedures.
  • Ensure compliance with legal and regulatory requirements.
  • Collaborate with other executives to integrate security measures into business processes.
  • Report to management on security incidents and measures.
  • Work closely with other Information Security Officers within Hilti, the Product BISO community and the Group CISO.
  • Shape the further development of the ISMS and implement regulatory, organizational, and technical security requirements.
  • Analyze regulatory and legal developments (e.g., CRA, NIS2, EU AI data act), translate these into actionable requirements, and oversee their implementation.
  • Independently manage business projects related to information and product security, from requirements to implementation.
  • Take responsibility for specific security topics such as Cloud & AI Security or technical risk analyses within the BU.
  • Contribute to the continuous improvement of the security architecture, the ICS, and the ICT & cyber risk management for Construction SW.
  • Own and maintain BU CSW SOC2 certification and support Group ISO27001 certification
  • Coordinate internal and external audits in the field of information security and support the implementation of the resulting measures.

Requirements

  • Master’s degree in computer science, Information Technology, Information Security, Cybersecurity, or a related field. PhD degree preferred.
  • Several years of experience in a leadership position in SW/IT security.
  • Multiple years of experience in information security, including being in decision-taking roles.
  • In-depth knowledge of security protocols, technologies, and standards (e.g., ISO 27001, SOC2, NIST).
  • Experience in developing and implementing security programs.
  • Certifications such as CISSP, CISM, CISA, or equivalent are advantageous.
  • Proficiency in security frameworks, risk management, incident response, and security architecture.
  • Excellent analytical and problem-solving skills. Ability to assess risks and develop mitigation strategies.
  • Strong leadership skills. Demonstrate assertiveness.
  • Strong written and verbal communication skills. Ability to convey complex security concepts to non-technical stakeholders.
  • Capacity to adapt to a fast-paced and evolving environment. Commitment to staying updated on the latest security trends and technologies.
  • High level of integrity and ethical standards. Commitment to protecting the Construction SW’s information assets.
  • Technical understanding in areas such as Cloud & AI Security, IAM, Endpoint Security, Data Security, SDLC, DevSecOps, Application Security.
Benefits
  • 📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
information securitysecurity protocolsrisk managementincident responsesecurity architectureCloud SecurityAI SecurityIAMEndpoint SecurityData Security
Soft Skills
leadershipanalytical skillsproblem-solvingcommunication skillsassertivenessadaptabilityintegrityethical standards
Certifications
CISSPCISMCISA