IT Security & GRC Manager

About the company

As a total solution provider of medical devices and pharmaceutical packaging, Nipro Europe Group Companies is continuously committed to improving patient outcomes and quality of life. We are part of a large global network headed by Nipro Corporation Japan, an industry-leading healthcare company with over 35.000 employees worldwide. Our European headquarters in Mechelen, Belgium covers a wide geographical reach (Europe, Africa, India, the Americas) and is home to Nipro Medical Europe (NME), Nipro PharmaPackaging International (NPI), and the Institute for Medical Practice (iMEP) Belgium

About the role

The IT Security & GRC Manager at Nipro is responsible for overseeing and managing the organization’s IT governance, risk, and compliance programs. The primary focus of this role is on IT Security and involves implementing and maintaining ISO27001 standards and certification and ensuring compliance with the NIS2 directive and derived country specific regulations.

The IT GRC Manager will also support audit activities and manage various governance and compliance topics related to IT. This will include supporting the ISO13485 audits and other internal and external audits from an IT perspective.

The IT GRC Manager will work closely with different departments to develop and enforce IT governance policies, manage IT-related risks, and ensure compliance with relevant regulations. This role requires a proactive approach to identifying potential risks and implementing strategies to mitigate them, as well as a strong ability to communicate and enforce compliance standards across the organization.

What you will do

Governance, compliance and risk (40%)

• Develop, implement, and maintain IT governance frameworks and policies in general, and specifically around ISO27001 and NIS2
• Ensure compliance with ISO27001 standards and NIS2 regulation.
• Monitor and report on compliance status and issues
• Identify, assess, and manage IT risks.
• Develop and implement risk mitigation strategies.
• Conduct regular risk assessments and audits

Project & RFP’s

• Support in Business and IT projects to ensure cyber security is sufficiently taken into account
• Support in RFx and software selection procedures to ensure cyber security is sufficiently taken into account

Policy and procedure Development (10%)

• Develop and update IT policies and procedures.
• Ensure policies and procedures are communicated and adhered to across the organization.

Incident Management (10%)

• Manage IT security incidents and breaches.
• Conduct root cause analysis and implement corrective actions.
• Report incidents to relevant authorities as required

Audit Support (10%)

• Prepare and support internal and external (IT) audits around ISO27001, ISO13485 and other internal and external audits.
• Ensure timely resolution of audit findings and recommendations.
• Maintain documentation and evidence for audit purposes

Domain Knowledge (15%)

• Obtain and stay current on several security certifications
• Retain domain knowledge and follow security and GRC related trends,
• Provide training and awareness programs on IT governance and compliance, including organizing the yearly Cyber Security Month initiatives

What you will need

• Bachelor’s degree in Information Technology, Computer Science, or a related field.
• Professional certifications such as CISM, CISA, or CISSP and certifications around ISO27001 are preferred.
• Proven experience in IT governance, risk management, and compliance.
• Strong knowledge of ISO27001 and NIS2 regulations.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Experience in creating and implementing Cybersecurity awareness and communication plan
• Notice of project management methodology

Why you should apply

• You will join a growing company. This position is a creation of a function to help us to sustain this growth
• Possibility to build up processes, tools and leave an heritage
• Strong collaboration with VP’s, Senior Director and C-Levels
• Home working policy: 50%
• Help us achieve our purpose: help people to live longer and live better