Data Protection and Information Security Officer

• Overall responsibility for Information Security and Data Protection (ISP) for all locations of BGSV
o Information Security:
- Identification and assessment of ISP risks according to Bosch guidelines and standards
- Defining security level: Definition, implementation and reporting
- Informing and advising managers and associates on the implementation of and compliance with all operational and legal requirements relating to ISP and known risks
- Driving and monitoring the implementation of requirements to ISP as per Bosch standard
- Monitoring security for Outsourcing, offshore development centers
- Building awareness of ISP amongst associates
- Analyzing security incidents, identify and address common root causes, suggest LL/BP and contribute to organization's repository.
o Functional responsibility for all ISP-functions: Organize, train and support professional Data Protection and Information Security Partner of departments
- The main contact point for ISP related internal and external audits
- Lead ISMS internal audits
- Lead activities of ISO27001 Certification Audit, TISAX assessment
o Data Protection:
- Contact point with local authorities if required
- Coordinating with regional Data Protection Officer national laws in Vietnam
- Cultural and linguistic tasks such as translations, local adaptations or creation of sensitization and training material
- Implementing and advising of local data protection law
- Processing of inquiries from data subjects and data protection incidents
o Cyber security in products
- Coordinating cyber security in product development of BGSV with Product Security Officer (training, awareness, process communication,..)
- Consulting processes of cyber security, support product security relevant assessment to project manager
- Monitoring security and Data protection aspects for Enterprise IT systems of BGSV