Enterprise Security Manager (Risk, Information and Supply)

About Umicore

Powering the cars of today and tomorrow. Reducing harmful emissions. Giving unique properties to high-end applications. Giving new life to used metals. As a global advanced materials and recycling group, we develop, produce, and recycle materials for a better life.

About Support Functions

A global organisation. It’s not just those in our industrial sites and technical centres that are vital to Umicore’s growth. Across our support functions we ensure that we continue to grow and evolve – whether it’s by making sure our decisions are commercially viable, enhancing our reputation, building new customer relationships or finding the right people who can build on what we’ve already achieved. The variety of our work means we cannot stand still. We need to find new ways to do things, discover new solutions and develop new ideas. Which is where you come in.

What you will be doing

We are currently looking for an Enterprise Security Manager – Risk, Information and Supply in our HQ in Brussels, Belgium to join our Corporate Security team. Reporting to the Chief Security Officer, you will: be an expert in Security Risk Management with a focus on specific security areas: Information, Operational Technology and Supply Chain Security; be the project manager for security related initiatives on multi-site level to enhance operational excellence; promote a security attitude for all and create awareness via the security community as an expert in security legislation for all countries where Umicore has an interest in reinforcing compliance.

Responsibilities:

Manage Enterprise security risk.

• Collect, analyze, and report security and integrity related data from reported incidents, security audits and many other internal and external sources.
• Perform assessments based on these data and prepare security reporting to support and inform senior management, the security community, and the business.

Manage the internal security community.

• Actively promote and facilitate the working of the security community.
• Organize an adequate format workshop, seminars, info sessions on security related topics including exchange of best practices and lessons learned on incidents.
• Provide training to the security ambassadors and use the train the trainer principle.
• Perform a close follow up of the registration of security related incidents and participate in the investigation.

Compliance and legal security advice

• Improve compliance by providing advice and support the business and enterprise functions on the evolution of legislation in the domain of security e.g., Information Protection, ALM, fraud, integrity, bribery and corruption, cybercrime…;
• Make a comprehensive summary and inform Umicore people who need to know, depending on the subject and the region.
• Inform (pro-actively) the security community and the business.

Risk mitigation in Business Partner Screening (BPS)

• Perform BPS on complex, high risk cases.
• Assess the correct use of the BPS tools and info sources and check if the BSP is duly documented in the different business.
• Perform a yearly audit on the BPS. Work together with trade compliance and the ESG and the compliance officer of the BU for this audit.
• Based on the evaluation of the risks and the changes in legal framework, adapt the
• supply chain security guideline.

Projectmanagement on security topics

• Enhance operational excellence in security.
• Inspire, initiate, and supervise security and integrity improvement projects.
• Take the lead as project manager in specific projects that are multi –site and multi-business e.g. creating awareness on Information Security, the improvement of the protection of knowledge and of intellectual property; vulnerability and penetration testing, …
• Contribute to cross-functional improvement projects in related fields and in certification exercises .g., IA, ISO27000, NIS2, O.T.

Who we are looking for

Requirements:

• 10+ year ‘work experience in a security related domain.
• Masters Degree, with preference in law
• Experience in a high-tech industrial environment is a plus
• 3+ years of experience in project management on related topics
• Organizational security management e.g; ASIS certification
• Risk and Information management e.g; ISO certification
• Fluency in English (both written and spoken) and a good knowledge of Dutch and/or French, German. Knowledge of another language is a plus
• High level of integrity and discretion
• Convincing and excellent written communication skills.
• Organizational skills
• Good networking and strong relationships building skills with colleagues in different regions across the world
• Problem judgements and analytic skills
• Pragmatic and solution oriented approach
• Cost awareness

Travel: occasional travel abroad

What we offer

We aim to lead the way. Not just for our customers, but for our employees too. That is why we strive to create a collaborative environment in which we can all succeed, and a culture through which we can all share ideas, develop our expertise and advance our careers. We engage in building an inclusive work culture that offers equal opportunities for all employees irrespective of their diverse backgrounds. As you would expect from a world-leading organisation, we will also reward your contribution with a competitive salary and benefits. With all this and more, imagine what you could do?

If our technologies can tackle some of the world’s most pressing challenges, IMAGINE WHAT YOU COULD DO?

#LI-Hybrid