Xquisit - Cybersecurity Specialist

Group Security is seeking an experienced Cybersecurity Specialist - Mergers & Acquisitions (M&A) with a strong background in evaluating and mitigating cybersecurity risks across all domains, particularly in cloud environments such as Azure and AWS and Entra ID. This role involves conducting comprehensive cybersecurity assessments during the M&A lifecycle, identifying risks, and ensuring alignment with regulatory, legal, and compliance requirements. The ideal candidate will have hands-on expertise in cloud security, governance, risk management, and post-merger integration strategies. This is a high-impact position requiring collaboration with cross-functional teams to safeguard our organization's investments and ensure a seamless integration of acquired entities.Key responsibilitiesCybersecurity Assessments for M&A Activities: Conduct thorough cybersecurity assessments for acquisitions, following our standardize Security frameworkIdentify risks across all cybersecurity domains, including governance, infrastructure, data protection, applications, and identity and access managementCloud Security Evaluation: Assess cloud environments (e.g., Azure, AWS, Entra ID) for vulnerabilities, misconfigurations, and compliance gaps against the Security PolicyEvaluate security posture using cloud-native tools (e.g., Azure Security Center, AWS Security Hub) and third-party solutionsRisk Management and Reporting: Analyze and communicate cyber risks to various stakeholders, providing actionable insights and mitigation strategiesDevelop detailed risk assessment reports and integrate findings into a Risk registerCompliance and Regulatory Alignment: Ensure alignment with frameworks such as NIST, ISO 27001, GDPR, and other global regulationsValidate that cloud and on-premises environments meet required security and compliance standardsPost-Merger Integration: Oversee cybersecurity integration efforts, ensuring acquired entities adhere to the group security policies and practicesDevelop and execute integration roadmaps for securing IT infrastructure, data, and operationsCollaboration and Stakeholder Engagement: Partner with M&A teams, group IT, and business stakeholders to align cybersecurity priorities and risksCommunicate technical risks effectively to non-technical languageKey competenciesTechnical Expertise in CybersecurityIn-depth knowledge of cybersecurity principles across all domains, including infrastructure, network security, identity and access management, data protection, and application securityHands-on experience in assessing and securing cloud environments (e.g., Azure, AWS) and hybrid systemsFamiliarity with tools and frameworks like NIST CSF, ISO 27001, CSA Star, and related compliance standardsMergers & Acquisitions (M&A) ExperienceProven ability to assess cybersecurity risks and opportunities during the M&A lifecycle, from due diligence to post-merger integrationStrong understanding of the unique challenges and time-sensitive nature of M&A activitiesRisk Assessment and ManagementExpertise in identifying, analysing, and quantifying cybersecurity risks.Ability to propose effective mitigation plans and integrate findings into broader risk Management Frameworks.Cloud Security KnowledgeAdvanced understanding of cloud platforms (e.g., Azure, AWS), their architectures, and associated security services and controlsCompetence in identifying vulnerabilities, misconfigurations, and risks in cloud-based environmentsRegulatory and Compliance AcumenStrong grasp of global regulatory requirements, including GDPR, Hipaa, and regional laws, and their application in M&A scenariosAbility to assess target organizations' compliance posture and develop action plans for alignmentCommunication and Stakeholder ManagementExcellent communication skills to convey technical risks and concepts clearly to non-technical stakeholders, including executivesAbility to collaborate with cross-functional teams, including legal, IT, and business unitsAnalytical and Problem-Solving SkillsStrong ability to analyse complex environments, prioritize risks, and make data-driven recommendationsProactive mindset with the ability to anticipate and address challenges in dynamic M&A contextsLeadership and InitiativeCapacity to lead cybersecurity assessments and integration efforts independently while coordinating with diverse teamsCommitment to driving continuous improvement and keeping up with emerging cybersecurity trends and threatsCertifications and Continuous LearningRelevant certifications such as CISSP, CISM, CCSP, AWS Certified Security - Specialty, or Azure Security Engineer AssociateCommitment to staying updated on cybersecurity advancements, especially in cloud security and M&A processesRequired qualificationsBachelor's degree in Cybersecurity, Information Technology, or related field (Master's preferred)Extensive experience in cybersecurity leadership roles, ideally within large, multi-national organizationsProven track record of managing security programs, compliance initiatives, and risk management in a business-oriented environmentStrong understanding of regulatory compliance, data protection, and third-party risk managementExcellent communication and stakeholder management skills with the ability to influence across various levels of the organization