Cybersecurity Analyst

About Fisker Inc.

California-based Fisker Inc. is revolutionizing the automotive industry by developing the most emotionally desirable and eco-friendly electric vehicles on Earth. Passionately driven by a vision of a clean future for all, the company is on a mission to become the No. 1 e-mobility service provider with the world’s most sustainable vehicles. To learn more, visit
- and enjoy exclusive content across Fisker’s social media channels:
Facebook

,

Instagram

,

Twitter

,

YouTube

and

LinkedIn
- Download the revolutionary new Fisker mobile app from the

App Store

or

Google Play

store.

The Cybersecurity Analyst is responsible for administration and optimization of cybersecurity governance, risk, and compliance services for the enterprise and its vehicle product. The Cybersecurity Analyst assists with the evaluation, rationalization, development, and enforcement of controls in the context of ISO27001, ISO21434, SOX, GDPR, PIPL and other national and international, cybersecurity and data protection requirements.

Role Overview:
- Cybersecurity Policy Management and Maintenance- Cybersecurity Training & Awareness Campaigns- Cybersecurity Regulatory & Policy Compliance Program- Cybersecurity Risk Assessment- Privacy and Data protection Initiatives- Participate in understanding the enterprise objectives and translating them into annual cybersecurity & data protection strategy, roadmap, and objectives.- Work with the business, CISO, and cybersecurity management to understand compliance gaps, requirements, technical needs and translating them into standard process and configurations.- Participate in establishing and maintaining security and privacy policies, baselines, standards, checklists, and processes.- Participate in establishing a strong and effective Cybersecurity & Data Protection Governance model and instituting a sound GRC platform based on a unified security compliance model.- Participate in the execution of enterprise-wide cybersecurity & data protection awareness programs with an objective to enhance staff awareness levels.- Participate in establishing and maintaining cybersecurity & data protection KPIs and metrics and risk register.- Participate in maintaining overall cybersecurity & data protection remediation plans and managing waivers and exceptions.- Participate in cybersecurity & data protection process assessment and optimization.- Coordinate and prepare management reporting.- Participate in Identifying and keeping track of cybersecurity & data protection compliance mandates and work with governance in the creation, implementation, and maintenance of appropriate procedures to be compliant with all applicable regulations e.g., supplier risk assessments.- Responsible for identifying compliance gaps and recommending, implementing, and maintaining technical and procedural controls to enable regulatory compliance in the most reasonable and cost-effective manner.- Liaison with other business lines and support divisions in the implementation of regulatory compliance requirements.- Responsible for tracking audit findings and recommendations to ensure that appropriate mitigation actions are taken while supporting necessary compliance activities.- Participate in the management of critical cybersecurity & data protection compliance programs including ISO 27001, ISO21434, NIST CSF and compliance mandates from UNECE and other global mandates for cybersecurity and privacy.- Responsible for supporting external and internal IT/backend IT infrastructure, audit activities for ISO 27001, ISO21434, and SOX compliance.- Participate in understanding and interpreting emerging and evolving data protection and privacy standards and translating them into updates for policy and compliance programs.

Skill Requirements:
- Ability to interface with all levels within organization and provide input to facilitate decisions.- Ability to interface with all levels within organization and provide input to facilitate decisions.- Analytical skills and ability to formulate, articulate, and present recommendations.- Familiarity with issues relevant to cyber risk management in the mobility industry.- Ability to multi-task and prioritize in fast changing environment.- Ability to relate business requirements and risk to technology and process implementation for security and privacy management issues.- Ability to maintain a detail-oriented approach while multitasking in a fast-paced environment.- Highly organized, self-motivated, and accountable.- High aptitude for learning and can quickly and effectively handle tasks that require initiative and sound judgment.- Excellent English written and verbal communication skills.- Strong problem-solving and technical writing skills.- Understands the need for collaboration, and consistently practices effective teamwork with others.- Capable of prioritizing and managing project, assignments, tasks to completion with mínimal supervision.

Educational Requirements:
- Bachelor’s