The Bosch Group is a leading global supplier of technology and services. It employs roughly 429,000 associates worldwide (as of December 31, 2023). The company generated sales of 91.6 billion euros in 2023. Its operations are divided into four business sectors: Mobility, Industrial Technology, Consumer Goods, and Energy and Building Technology. With its business activities, the company aims to use technology to help shape universal trends such as automation, electrification, digitalization, connectivity, and an orientation to sustainability. In this context, Bosch’s broad footprint across industries and regions strengthens its innovativeness and robustness. Bosch uses its proven expertise in sensor technology, software, and services to offer customers cross-domain solutions from a single source. It also applies its expertise in connectivity and artificial intelligence to develop and manufacture user-friendly, sustainable products. With technology that is “Invented for life,” Bosch wants to help improve quality of life and conserve natural resources. Read more at https://www.bosch.com/company/#what-we-do
Bosch Global Software Technologies Private Limited (BGSW) is a 100% owned subsidiary of Robert Bosch GmbH. We are one of the world’s leading global suppliers of technology and services, offering end-to-end Engineering, IT, and Business Solutions. With a global footprint and presence in US, Europe, Japan, China, and the Asia Pacific region, we are at the forefront of designing, developing, and executing IoT ecosystems through our all-encompassing capability within the 3 aspects of IoT – Sensors, Software, and Services. We have always focused on improving the quality of the life of people, providing newer revenue-generating opportunities, and improving operational efficiencies for enterprises through an array of solutions. With our unique ability to offer end-to-end solutions that connect Sensors, Software, and Services, we enable businesses to move from the traditional to digital, or improve businesses by introducing a digital element in their products and processes. Learn more at https://www.bosch-softwaretechnologies.com/en/our-company/about-us/
Job DescriptionThis role is of a Senior Information Security & Privacy consultant. Bare minimum responsibilities as follows:
Stakeholder Management
Undertaking business travels across India to assigned Bosch entities for audits, awareness etc.Governance:
Handling Governance risk and compliance requirement for assigned legal entityHandling compliance requirements of Bosch Central Directive CD 2900 / ISO 27001:2022 Identifying information security, data protection (ISP) risks and reporting to customer managementFunctional guidance to Data Security Partners (DSP) on Information Security and Privacy topics· Audit planning, mentoring, checking the status of completion, provide consultancy on ISP topicsAwareness:
Creating awareness content and conduction awareness for target audience across hierarchyAssurance
Performing Audits. Planning and conducting different types of Information Security and Data protection audits as per Bosch internal and ISO 27001 Standard.· E.g. Privacy audits, Extended risk-based audits, Project audits, process audits, IT security in manufacturing auditsAdvisory
Providing consultancy on Data privacy topics – privacy by design requirementsIdentifying control requirements from Central Directives, NISPR (National ISP regulations) and translating requirements to implementation levelPrivacy principles, (GDPR, Data protection law in India)Cloud on-boarding solutionsData privacy topics -during application development, Privacy contract review, Participation in Quality Gates - providing review and feedbackIT systems - security review as per Bosch Central DirectivesSupporting enterprise applications development as per EISA (Enterprise Information Security Architecture) as per Bosch Central DirectiveOther soft skills required - Good communication & presentation skillsQualificationsFulltime BE/ B.Tech in any discipline.10 – 15 years of post qualification experience in Information Security and Privacy, preferably CISSP, CISA certification statusExperience in working in Manufacturing industry -an added advantageISO 27001 Lead Auditor certified. ISO 27001:2022 (Implementation experience)Personal Data Protection implementation (e.g. EU-GDPR or any other country regulations)