Operational Technology Security Expert

At Bayer we're visionaries, driven to solve the world's toughest challenges and striving for a world where ,Health for all, Hunger for none' is no longer a dream, but a real possibility. We're doing it with energy, curiosity and sheer dedication, always learning from unique perspectives of those around us, expanding our thinking, growing our capabilities and redefining 'impossible'. There are so many reasons to join us. If you're hungry to build a varied and meaningful career in a community of brilliant and diverse minds to make a real difference, there's only one choice.

Operational Technology Security Expert (m/f/d) 

Bayer HealthCare Manufacturing is looking for a brilliant and strong Operational Technology Security Expert.

He/She will lead the implementation and continuous improvement of the Information Security and Compliance Framework for Bayer's Italian production site.

The role involves managing the compliance program, engaging with internal and external stakeholders, and driving risk reduction while fostering a strong security culture.

MAIN TASKS AND RESPONSABILITIES:

• Represent the site in cybersecurity and compliance governance forums, ensuring alignment and communication with global Cybersecurity, IT, and Quality teams
• Ensure the site's compliance with the NIS2 Directive and related national obligations, including reporting and notification duties within required timeframes
• Drive the lifecycle, development, implementation, and maintenance of information security policies, procedures, and controls in line with Bayer standards and international best practices (e.g. NIST, IEC and SOPs
• Oversee the local cybersecurity risk management process: perform or coordinate risk assessments, define mitigating actions, and ensure timely implementation with Engineering, IT, and Production departments
• Manage cybersecurity technical and compliance projects, ensuring delivery on time, within quality and budget standards, while meeting regulatory and corporate objectives
• Coordinate and support internal and external audits, compliance reviews, and readiness assessments (including NIS2, ISO 27001, GMP)
• Act as the primary point of contact for cybersecurity governance topics, ensuring consistent application of Business Impact Analysis (BIA), Business Continuity Plan (BCP), and Disaster Recovery Plan (DRP)
• Promote awareness, communication, and training programs to strengthen security and compliance culture across all organizational levels
• Take responsibility for personal conduct and supervise the team regarding Health, Safety, Environment, and Energy duties

WHO YOU ARE:

• Bachelor's or Master's degree in Computer Science, Information Technology, Engineering, or related fields
• At least 5 years of experience in cybersecurity governance, IT risk management or compliance
• Experience in a consulting firm or regulated industrial environment is a plus
• Proven experience in managing security or compliance programs with direct accountability for governance, risk and reporting
• Strong understanding of cybersecurity frameworks and standards: ISO 27001/27002, IEC 62443, NIS2, NIST
• Sound knowledge of IT systems and core security technologies (e.g., firewalling, IDS/IPS, virtualization, network security, Active Directory)
• Knowledge of automation technologies (such as PLCs, SCADA, control systems, industrial network protocols) and professional certifications (including CISSP, CISM, PRINCE2, PMP, ITIL, and CCNA/P) are considered a plus
• Demonstrated ability to lead cross-functional initiatives and coordinate with global stakeholders
• Experience with project management methodologies and governance tools (GRC systems, dashboards, KPI tracking)
• Excellent communication and stakeholder management skills, with ability to report effectively at different organizational levels
• Residence or domicile in Lombardy
• Fluent in English and Italian mother tongue

Location: Garbagnate Milanese 
Type of contract: Permanent

    Application Period: Reference Code: Division:Pharmaceuticals  Location:Italy : Lombardia : Milan   Functional Area:Information Technology  Position Grade:A3, VS1.1   Employment Type:Regular Work Time:Full Time    Contact Us Address E-MailViale Certosa 130, 20156 Milano    

---