Senior Cyber & Information Security Auditor

Driving decarbonization and digitalization. Together.

Infineon designs, develops, manufactures, and markets a broad range of semiconductors and semiconductor-based solutions, focusing on key markets in the automotive, industrial, and consumer sectors. Its products range from standard components to special components for digital, analog, and mixed-signal applications to customer-specific solutions together with the appropriate software.

We are on a journey to create the best Infineon for everyone.

This means we embrace diversity and inclusion and welcome everyone for who they are. At Infineon, we offer a working environment characterized by trust, openness, respect and tolerance and are committed to give all applicants and employees equal opportunities. We base our recruiting decisions on the applicant´s experience and skills.
Please let your recruiter know if they need to pay special attention to something in order to enable your participation in the interview process.

• Be responsible for the regular verification of the completeness and effectiveness of Infineon’s Cyber & Information Security Management System (2nd line of defense) - with a focus on the regions APAC, Greater China and Japan;
• Ensure Infineon’s continuous compliance with legal, contractual and internal security requirements as well as certifiable Security Standards(e.g. ISO27001, TISAX, Common Criteria, GSMA, etc.)
• Perform internal control / audit activities and facilitate external audits in order to obtain new or uphold already granted Security Certifications
• Support the maintenance and improvement of the Verification function and related processes as well as the Cyber & Information security control framework;
• Drive the verification automation by supporting the implementation or development of a GRC application.

• A degree in Computer Science, Information Technology or an equivalent qualification – ideally with a focus on Cyber / Information Security;
• Several years of practical experience as an auditor, expert or consultant in the area of IT and/or Cyber / Information Security, preferably in an international environment;
• Knowledge of general Cyber / Information Security Standards such as NIST and ISO270xx, and ideally also of industry-specific Security Standards (e.g. TISAX, Common Criteria, GSMA);
• Relevant Security Certifications (e.g. ISO27001 Lead Auditor, CISA,CISM, CISSP) are a plus;
• Fluency in English (mandatory), Chinese language skills desired;
• Willingness to travel internationally (up to 30%);
• Programming skills in Python, Java or C++ are an additional advantage.