Group IT Security SME Madrid (Madrid)


  • Madrid (Madrid)
  • Hace 19 horas (Actualizada)
  • 11 inscritos

Jornada Completa - Contrato sin especificar - Retribución sin especificar - Al menos 5 años de experiencia

Inscribirme en esta oferta

Comparte:

Empresa

ALSA

Company with over a hundred years of experience. We are the leading operator in the Spanish road passenger transport sector, with national and international presence.
In Alsa we work more than 8300 professionals between Switzerland, Morocco and Spain.
Grow with great professionals!
Descripción de la oferta

Descripción de la oferta

Duración de la oferta: hasta el 20/10/2019

Funciones

The person selected for the position will be responsible for carrying out the following functions:

Assess and evaluate third party suppliers through defined instruments to establish their IT security position, identify associated risks and communicate the outcome to relevant stakeholders

Support activities concerning IT security assessment of prospective acquisitions of companies to determine any gaps that require mitigation and communicate risks to the appropriate stakeholders

Evaluate IT security advisories and determine actions to assign them to an appropriate team

Supervise and coordinate the penetration testing and vulnerability scanning activities executed by a third party provider

Provide advice to projects and initiatives in the form of IT security requirements 

Respond to IT security incidents, suspicious activity or alerts to prevent adverse impact to users, processes, systems or data

Support current IT security initiatives in-flight to successfully take them to completion

Own and advise on IT security in corporate forums such as Change Advisory Board (CAB), Technical Design Authority (TDA) and ISO27001 committees as applicable

Advise business functions on compliance requirements for relevant frameworks (such as PCI DSS, GDPR and ISO27001)

Review and provide input on corporate documents concerning IT security, such as policies, supplier contracts, service contracts and data processing agreements

Participate in meetings where IT security support is required, including project, debrief, catch-up, supplier, security testing and any other as applicable

Appraise IT security risks, manage the IT security risk register and, where applicable, support and coordinate ISO27001 compliance activities

Create summaries, updates and reports with the relevant periodicity required according to the IT security process 

Act as a point of contact for ad-hoc enquiries, troubleshooting issues and general support concerning IT security

Communicate proactively and effectively with all stakeholders, internal teams, suppliers and any other involved party in the IT security processes

Liaise with the wider IT security representatives at a Group level to exchange knowledge and contribute to the wider strategic and tactical initiatives

Requisitos

The ideal candidate will have the following skills and experiences:

 Significant experience in corporate IT security on large and diverse organisations (5-10 years
A recognised certification in IT security (CISSP and/or CISM, or equivalent)
Understanding of ISO27001, CIS controls, NIST Cyber Security Framework, PCI DSS and GDPR
Ability to analyse from a technical point of view an IT solution to identify appropriate IT security controls
Ability to identify potential weaknesses on a given IT solution (e.g. through threat modeling and/or risk assessment)
Ability to define or assess IT security requirements for an IT solution in a written format for consumption of other stakeholders of the development or deployment pro
 Ability to assess IT security incidents, IT security advisories and IT security issues collating technical and functional information to define mitigating actions
 Ability to communicate technical findings or vulnerabilities in plain language to varied audiences across the organisation
Ability to create, review or amend corporate documents related to IT security including but not limited to policies and legal contracts
 Ability to support conversations with a broad set of stakeholders, including but not limited to, project managers, third party suppliers, technical teams and functional teams
 General technical knowledge including but not limited to networks, operating systems, databases, application servers, web servers, cloud security (e.g. multi-tenancy, public/private implementations, SaaS, PaaS, IaaS), end-point security (e.g. hardening, anti-malware), web application security (e.g. OWASP), network security (e.g. IDS/IPS, SIEM, DDOS mitigation and WAF) and penetration testing
Demonstrable success in influencing stakeholders to manage conflicting schedules, demands and priorities
 Experience in multi-leveled organisations to identify and manage IT security risks
Experience in working with multiple suppliers and partners responsible for areas of delivery
Self-sufficient and dynamic individual who is able to hit the ground running
 A passion to get involved with technical challenges and broaden skills and abilities
Excellent English verbal and written communication skills

Se ofrece

At ALSA we promote professional growth, do not hesitate to join a company with more than 8,500 employees and an international presence.

Take advantage of this great opportunity!
  • Área

    Tecnología e informática

  • Categoría o nivel

    Técnicos

  • Nº Vacantes

    1

Más ofertas para ti

IT Risk & Security Consultant

EY

Madrid España

Hace 19 horas

Inscríbete
IT infraestructure project manager

Desoftnomi SL

Madrid España

Hace 43 horas

Inscríbete
Administrador Sistemas / Devops

Empresa Digital

Madrid España

Hace 43 horas

Inscríbete
Ingeniero de Sistemas / Ingeniero Preventa

Page Personnel

Madrid España

Hace 19 horas

Inscríbete
Experto/a Implantación Procesos de Sistemas

TEMPOTEL

Madrid España

Hace 6 días

Inscríbete
Administrador Wintel

Page Personnel

Madrid España

Hace 43 horas

Inscríbete
Devops

Page Personnel

Madrid España

Hace 19 horas

Inscríbete
IT Operacions Analyst

Page Personnel

Madrid España

Hace 43 horas

Inscríbete



Inscribirme en esta oferta
Inscribirme en esta oferta

Para crear una alerta debes iniciar sesión o regístrate