At Bayer we’re visionaries, driven to solve the world’s toughest challenges and striving for a world where 'Health for all Hunger for none’ is no longer a dream, but a real possibility. We’re doing it with energy, curiosity and sheer dedication, always learning from unique perspectives of those around us, expanding our thinking, growing our capabilities and redefining ‘impossible’. There are so many reasons to join us. If you’re hungry to build a varied and meaningful career in a community of brilliant and diverse minds to make a real difference, there’s only one choice.

Sr Cyber Security GRC Specialist-Risk Management 

YOUR TASKS AND RESPONSIBILITIES:

The primary responsibilities of this role, Sr Cyber Security GRC Specialist, are to:

• Own and manage the cybersecurity framework, measuring its effectiveness and driving maturity to support business needs;
• Develop and maintain key performance indicators (KPIs) and metrics for GRC initiatives;
• Prepare regular reports for senior management on the status of GRC activities;
• Collaborate with cross-functional teams to integrate GRC principles into business processes and systems;
• Monitor regulatory changes and industry trends to ensure compliance and proactively address emerging risks;
• Deliver strategic initiatives to align with Bayer’s Cyber Security Strategy;
• Provide strategic, risk-based recommendations to cybersecurity leadership on emerging risk matters;
• Perform assessments of cybersecurity risks, identifying gaps, and developing mitigation plans;
• Analyze and recommend actions related to cybersecurity exception requests;
• Monitor third-parties’ cybersecurity risk management profiles;
• Support cybersecurity risk management communications, training, and security awareness.

WHO YOU ARE

Bayer seeks an incumbent who possesses the following:

Required Qualifications:

• A Bachelor’s or Master’s degree in information technology, cybersecurity, computer science, or a related field, or equivalent relevant experience;
• Proficiency in cybersecurity tools and software, understanding of network infrastructure and security protocols, and knowledge of threat modeling and risk assessment techniques;
• Practical experience related to information security in consulting, corporate, or government settings;
• Familiarity with information security standards and frameworks such as ISO/IEC 27001 and NIST;
• Certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) are desirable;
• Demonstrated ability to work independently and effectively communicate with stakeholders and management.

Preferred Qualifications:

• 5+ years of experience in cybersecurity, with previous experience in a GRC role and across industries highly desired.