Hilti

Role Overview

As a Senior Cyber Security Business Partner in 1LOD, you drive cybersecurity and IT risk considerations in the decisions of your internal customers in Global IT. Partnering closely with IT management and business leaders, you help integrate security-by-design early in the planning or development process, contribute to robust operations, while ensuring overall alignment with Hilti’s cybersecurity framework and governance. 

What you’ll do

• Provide technical expertise and decision support during Architecture & Security Reviews, helping teams understand cybersecurity requirements, risks, and trade-offs early to avoid late-stage changes or delays.
• Facilitate clear communication between IT delivery teams, risk owners, and central cybersecurity functions (e.g., Risk & Governance, Security Architecture, Cyber Defense), ensuring shared understanding of expectations, responsibilities, and residual risk.
• Promote and embed security-by-design and privacy-by-design principles, adapting cybersecurity standards pragmatically to business and IT realities.
• Support assurance and IT compliance activities in your area of responsibility.
• Participate in key discussions where cybersecurity considerations impact delivery timelines, compliance obligations, or operational resilience.
• Exhibit a strong ownership on all topics regarding cybersecurity in your area of responsibility and proactively facilitate incremental improvements of the cybersecurity posture of your internal customers.

What you’ll bring

• Bachelor’s or Master’s degree in information security, computer science, engineering, or a related field; relevant certifications (e.g. CISSP, CISM, CRISC) are an advantage.
• 5+ years of experience in cybersecurity, IT risk, or security advisory roles, with demonstrable technical acumen in at least one domain within complex enterprise IT environments: infrastructure security, application security, or DevSecOps.
• Practical experience advising on security considerations in modern platforms or ecosystems, such as Microsoft Azure, Amazon Web Services (AWS), or SAP (S/4HANA or S/4HANA Cloud).
• Strong understanding of IT and business processes (e.g., software development lifecycles, large-scale cloud transformations, AI adoption) and how security impacts delivery decisions.
• Proven ability to translate cybersecurity concepts for non‑security stakeholders and to constructively challenge decisions while maintaining effective working relationships.
• Experience working in agile, globally distributed teams and collaborating with governance, architecture, and delivery functions.