Randstad Digital

We are seeking an experienced Cybersecurity Specialist - Mergers & Acquisitions (M&A) with a strong background in evaluating and mitigating cybersecurity risks across all domains, particularly in cloud environments such as Azure and AWS and Entra ID. This role involves conducting comprehensive cybersecurity assessments during the M&A lifecycle, identifying risks, and ensuring alignment with regulatory, legal, and compliance requirements. The ideal candidate will have hands-on expertise in cloud security, governance, risk management, and post-merger integration strategies. This is a high-impact position requiring collaboration with cross-functional teams to safeguard our organization's investments and ensure a seamless integration of acquired entities.

Key responsibilities

Cybersecurity Assessments for M&A Activities:

Conduct thorough cybersecurity assessments for acquisitions, following our standardized Security framework

Identify risks across all cybersecurity domains, including governance, infrastructure, data protection, applications, and identity and access management.

Cloud Security Evaluation:

Assess cloud environments (e.g., Azure, AWS, Entra ID) for vulnerabilities, misconfigurations, and compliance gaps against the ATLAS Copco Security Policy

Evaluate security posture using cloud-native tools (e.g., Azure Security Center, AWS Security Hub) and third-party solutions.

Risk Management and Reporting:

Analyze and communicate cyber risks to various stakeholders, providing actionable insights and mitigation strategies.

Develop detailed risk assessment reports and integrate findings into a Risk register

Compliance and Regulatory Alignment:

Ensure alignment with frameworks such as NIST, ISO 27001, GDPR, and other global regulations.

Validate that cloud and on-premises environments meet required security and compliance standards.

Post-Merger Integration:

Oversee cybersecurity integration efforts, ensuring acquired entities adhere to the ATLAS Copco group security policies and practices.

Develop and execute integration roadmaps for securing IT infrastructure, data, and operations.

Collaboration and Stakeholder Engagement:

Partner with M&A teams, group IT, and business stakeholders to align cybersecurity priorities and risks

Communicate technical risks effectively to non-technical language

Key competencies

Technical expertise in cybersecurity

In-depth knowledge of cybersecurity principles across all domains, including infrastructure, network security, identity and access management, data protection, and application security.

Hands-on experience in assessing and securing cloud environments (e.g., Azure, AWS) and hybrid systems.

Familiarity with tools and frameworks like NIST CSF, ISO 27001, CSA Star, and related compliance standards.

Mergers & acquisitions (M&A) experience

Proven ability to assess cybersecurity risks and opportunities during the M&A lifecycle, from due diligence to post-merger integration.

Strong understanding of the unique challenges and time-sensitive nature of M&A activities.

Risk assessment and management

Expertise in identifying, analysing, and quantifying cybersecurity risks.

Ability to propose effective mitigation plans and integrate findings into broader risk Management Frameworks.

Cloud Security knowledge

Advanced understanding of cloud platforms (e.g., Azure, AWS), their architectures, and associated security services and controls.

Competence in identifying vulnerabilities, misconfigurations, and risks in cloud-based environments.

Regulatory and compliance acumen

Strong grasp of global regulatory requirements, including GDPR, Hipaa, and regional laws, and their application in M&A scenarios.

Ability to assess target organizations' compliance posture and develop action plans for alignment.

Communication and stakeholder management

Excellent communication skills to convey technical risks and concepts clearly to non-technical stakeholders, including executives.

Ability to collaborate with cross-functional teams, including legal, IT, and business units.

Analytical and problem-solving skills

Strong ability to analyse complex environments, prioritize risks, and make data-driven recommendations.

Proactive mindset with the ability to anticipate and address challenges in dynamic M&A contexts.

Leadership and initiative

Capacity to lead cybersecurity assessments and integration efforts independently while coordinating with diverse teams.

Commitment to driving continuous improvement and keeping up with emerging cybersecurity trends and threats.

Certifications and continuous learning

Relevant certifications such as CISSP, CISM, CCSP, AWS Certified Security - Specialty, or Azure Security Engineer Associate.

Commitment to staying updated on cybersecurity advancements, especially in cloud security and M&A processes.

Required qualifications

Bachelor's degree in Cybersecurity, Information Technology, or related field (Master's preferred).

Extensive experience in cybersecurity leadership roles, ideally within large, multi-national organizations.

Proven track record of managing security programs, compliance initiatives, and risk management in a business-oriented environment.

Strong understanding of regulatory compliance, data protection, and third-party risk management.

Excellent communication and stakeholder management skills with the ability to influence across various levels of the organization.

---