Senior Professional Information Security (Ref. No.: 20001255)

Senior Professional Information Security (Ref. No.: 20001255)

Yanfeng Slovakia Automotive Interior Systems s. r. o.

Place of work: Slovenská republika, Bratislava
Type of contract: full-time

Information about position

  • Working with the Global Information Security function to identify key business priorities and risks to enhance security strategies and IS Program policies and standards documentation, for protecting business information assets
  • Confirm that applicable legal, regulatory and compliance requirements are addressed in the IS Program, and that security controls are managed and maintained. Specific focus placed on TISAX, ISO 27001, CSOX information security requirements
  • Work with YFI’s business and IT partners to ensure that security controls are managed and maintained in line with YFI’s Information Security Program
  • Assist in performing vendor due diligence, security assessments, risk assessments, etc. as required
  • Assess and continuously monitor the appropriateness and effectiveness of security measures and recommend enhancements in line with YFI’s Security Controls Framework and regulatory requirements
  • Advise and guide the business and IT partners on the appropriateness of security measures to mitigate risk and reduce risk exposure
  • Educate the business and IT partners on alternative security measures & counter measures where security requirements are unable to be met.
  • Track risk management, remediation plans through to successful implementation with the business and IT partners
  • Participate in IT initiatives, as necessary, to ensure security control measures are addressed and embedded in business-as-usual activities prior to project completion.
  • Serve as Regional point person for internal or external audits, customer assessments, etc. such as TISAX, ISO 27001, and others
  • Maintaining awareness of existing and proposed security standard setting groups, by Global/Geographic authorities and regulators as well by Industry/OEM groups.  Identify changes that will affect YFI Information Security standards and recommends appropriate modifications
  • Helping to maintain the Information Security documentation framework and YF OS document management
  • Develop information security program documentation and continuously improve security aspects of core YFI business functions, such as Manufacturing and Product Engineering
  • Provide guidance for security activities in the system development lifecycle and application development efforts
  • In collaboration with Global Information Security and Global IT & Regional IT, lead/participate in development of security configuration baselines and standards for each major type of infrastructure component (e.g., Network-Firewalls, Routers, Logging; Physical Servers, Virtual Servers, End-User Compute, Mobile, etc.)
  • Support management’s Program reporting by analyzing and reporting on IT security controls and risk exposure
  • Manage and enhance the YFI Global Information Security Training and Awareness Program for effective user awareness and involvement in protecting the YFI business

Required education

  • University education (Bachelor's degree)

Requirements for the employee

  • Bachelor’s Degree in IT, Computer Science, Business, Engineering or related field preferred. An advanced technical degree or other applicable graduate degree (MBA) is highly desirable and/or equivalent security certification (CISSP, CISM, CISA. CEH, GIAC, etc.)
  • 8+ Years Information Security and IT experience with 5+ years IT Leadership experience preferred
  • Experience with Information Security standards frameworks such as VDA TISAX, NIST CSF, ISO 27000, MLPS and SANS CSC for Information Security Governance, Controls and Risk Assessments
  • Experience with Security Program, Governance, Architecture and Operations
  • Experience in security controls implementation and balance between policy objectives and IS controls operational integration
  • Experience and results in traditional and innovative IS Training & Awareness
  • Experience with Security Operations and Incident Response
  • Experience with large IT project implementation and IS controls integration
  • Working knowledge of Network and Application Role Security
  • Proven ability to mentor others in the technical and/or business aspects of information systems projects
  • Sensitivity to cultural diversity in the business environment, willingness to travel to customer, company manufacturing sites and supplier sites


Spoločnosť Yanfeng Automotive Interiors (YFAI) je globálnym lídrom v oblasti automobilových interiérov. Spoločnosť YFAI predefinovala, ako ľudia oddychujú a ako sa hrajú v interiéroch svojich vozidiel v súčasnej dobe. Spoločnosť, so sídlom v Šanghaji, má 113 výrobných závodov a technických stredísk v 18 krajinách a zamestnáva viac ako 33 000 ľudí po celom svete. Navrhujú, vyvíjajú a vyrábajú interiérové komponenty pre všetky automobilky. Spoločnosť Yanfeng Automotive Interiors bola založená v roku 2015 a je spoločným podnikom spoločnosti Yanfeng Automotive Trim Systems Co., Ltd., stopercentnou dcérskou spoločnosťou spoločnosti Huayu Automotive Systems Co., Ltd. (HASCO), skupiny výrobcov komponentov SAIC Motor Corporation Limited (SAIC Motor) a spoločnosti Adient, medzinárodného lídra v oblasti automobilových sedadiel. Viac informácií nájdete na stránke

Imported ads (Taleo-eQuest), Yanfeng Slovakia Automotive Interior Systems s. r. o.

latest positions