Ver oferta completa

SENIOR GRC SECURITY ENGINEER

Madrid - Madrid

Descripción de la oferta de empleo

Company Description We are SGS – the world's leading testing, inspection and certification company.
We are recognized as the global benchmark for sustainability, quality and integrity.
Our employees operate a network of offices and laboratories, working together to enable a better, safer and more interconnected world.
Job Description The Senior GRC Security Engineer will be part of the Technical Security Office (TSO) and will play a critical role in protecting the organization’s assets, ensuring regulatory compliance, and managing cyber risk.
Specific responsibilities.
Implementation and monitoring of security controls.
manage the technical security architecture of the organization, implement protective measures, and ensure their effectiveness across the IT environment.
Development of security policies and procedures.
create, review, and update security policies, procedures, and hardening guides to ensure regulatory compliance and best practices.
Support for customer assessments.
provide support for customer-requested security evaluations, ensuring alignment with the organization’s security standards.
Management of security exceptions.
evaluate, manage, and document security exception requests, ensuring associated risks are appropriately controlled.
Support to business and IT on security requirements.
advise business and IT areas on matters related to information security requirements, ensuring that controls are effective and integrated into operational processes.
Support for third-party audits.
Collaborate on external and internal audits, including ISO certification audits, financial audits, ITGC (IT General Controls), and other compliance reviews related to information security.
Projects.
security assessments, findings, product evaluations, propositions for further system security enhancement & S-SDLC.
Compliance and audits.
Ensure compliance with information security regulations (ISO , GDPR, NIST,NIS2,IA EU Act, etc) and assist in internal and external audits.
Governance and risk management.
participate in the development and review of security policies, as well as in the identification, assessment, and mitigation of cybersecurity risks.
Evaluation of security technologies.
participate in the assessment of security technologies, identify and define system and security requirements, baselines and controls for both the existing environment and new developments in IT infrastructure.
Collaboration across departments.
work with IT, Development, Business lines and Human Resources departments to ensure that security controls are effective and that policies are correctly applied.
Business continuity.
design and document business continuity strategies to minimize disruptions in operations due to unforeseen incidents, such as cyber-attacks, natural disasters, or system failures, ensure BCP aligns with organizational risk management strategies and regulatory requirements.
Training and security awareness.
select training content and lead awareness campaigns.
Organize controlled phishing tests for employees to assess and improve the organization’s security culture.
Dashboards creation and KPI tracking.
develop security dashboards and monitor key security performance indicators (KPIs) to track the effectiveness of security controls and identify areas for improvement.
Ensure policies help meet compliance with regulatory requirements, including but not limited to ISO, GDPR, SOC2, etc.
Conducts assessments to identify gaps and make sound recommendations for improvement.
Identify acceptable levels of residual risk, and assist with action plans, policy and procedural changes for risk mitigation.
Conduct and monitor the enterprise security awareness program, monitoring for compliance across the organization.
Prepares documentation, presentations and reports for management.
Leads discussions with management regarding policy effectiveness and prepares reports to management communicating results including recommendations to IT Policies to help improve technology and business practices.
Qualifications Please submit English CV The ideal person enjoys security work and possesses expertise in the security space, both in depth and in width.
Should be quite confident, very curious, extremely open minded and eager to learn and grow in the cyber security area   Qualifications & soft skills Bachelor’s degree in computer information systems, Information Technology or related field; Certifications in information security (CISSP, CISM, ISO Lead Auditor/Implementer, CRISC) are highly desired; least 3-5 years of experience in a similar information security role, preferably within a technical or internal security office environment; Advanced knowledge of cybersecurity regulations.
Experience with frameworks such as ISO , NIST, PCI-DSS, GDPR, among others.
Ability to manage compliance audits and GRC (Governance, Risk, and Compliance) reporting; Lead Auditor , CISA, CISSP qualifications would be desirable; Technical knowledge of network, databases and operating system security and understanding of the latest security principles, techniques, concepts and protocols; Training and awareness in security governance, risk, and compliance; Knowledge in the following areas.
operating systems, applications, operations (batch processing, monitoring) networking and telecommunications, databases, and logical security; Ability to work independently as well as being a team player, in a fast-paced and international environment; Ability to manage multiple projects concurrently and work under pressure; Strong problem solving and innovative and critical thinking; Fluent in English; knowledge of other languages would be a plus; Proficient in MS Office tools (Excel, Word,PowerBi etc.).
Additional Information This position is based in our office in Madrid and is an excellent entry point into SGS and will open up opportunities to career development within the Group.
Job Location I'm interested I'm interested Privacy Policy
Ver oferta completa

Detalles de la oferta

Empresa
  • Sin especificar
Localidad
Dirección
  • Sin especificar - Sin especificar
Fecha de publicación
  • 22/10/2024
Fecha de expiración
  • 20/01/2025
Qa automation engineer
Innoit

Your profile: at least 3y of experience working as a qa automation engineer... are you a qa automation engineer looking for new challenge? we aspire to reach everyone and connect them to top projects... experience in functional, regression and user acceptance testing methodologies... com/es-es/meetup-de-innoit-consulting-en-barcelona/?_locale=es-es......

Asistente de atención médica Senior - Coordinador de turnos
Reach HR Consulting

Estamos buscando un asistente de atención médica senior para coordinar la prestación de atención médica... asistente de atención médica senior - coordinador de turnos - car home / asistencia domiciliaria - turnos de día y de noche - centro de atención continua y domiciliaria - cornwall reino unido reach......

Asistente de atención médica Senior - Coordinador de turnos
Reach HR Consulting

Estamos buscando un asistente de atención médica senior para coordinar la prestación de atención médica... asistente de atención médica senior - coordinador de turnos - asistencia domiciliaria / asistencia domiciliaria - turnos de día y noche - centro de atención continua y domiciliaria - cornwall reino......

Devops engineer
Innoit

Are you a devops / site reliability engineer seeking new interesting opportunity? so... high level of english... microservices technology understanding and architecting... tech communities so you can share your knowledge with your colleagues... flexible working hours... we’re very open to hear your opinions......

Data Engineer
Innoit

Are you a big data engineer looking for a new challenge? so... experience working in a virtual, international and multicultural environment... closely collaborates with information architect and system leads of it domains... assures guidelines and best practices for data and metadata acquisition are......

Diseñador Gráfico Senior UI/UX
S&F

Diseñador/a gráfico senior ui/ux, con experiencia demostrable para integrarse de forma inmediata en nuestro gran equipo de desarrolladores, realizando tareas de diseño ui/ux/ixd, animaciones y branding para proyectos digitales tecnológicos innovadores... 3 años de experiencia demostrable......

Técnicos senior de radiología - Unidad de salud móvil
Reach HR Consulting

Técnicos senior de radiología - reino unido - unidad de salud móvil de imágenes reach hr es una empresa especializada en la contratación de profesionales sanitarios... ejecución de procedimientos de verificación de equiposrespetar y trabajar dentro de las costumbres, valores y creencias espirituales......

Diseñador gráfico senior UI/UX
S&F

Diseñador/a gráfico senior ui/ux, con experiencia demostrable para integrarse de forma inmediata en nuestro gran equipo de desarrolladores, realizando tareas de diseño ui/ux/ixd, animaciones y branding para proyectos digitales tecnológicos innovadores... otros datos del puesto adjuntar información sobre......

Comercial Senior
Distritelmur

Seleccionamos comercial senior para el departamento de captación del segmento pymerequisitos del puesto experiencia mínima demostrable como comercial en el sector de las telecomunicaciones 1 año... sueldo fijo más altas comisiones por consecución de objetivos... asesorándoles de una manera profesional......

CALL 41-2023-1 - Satellite Communications Engineer
Centre Tecnològic de Telecomunicacions de Catalunya

Who are we looking for ? the space and resilient communications and systems unit is looking for a satellite communications engineer... we have 2 buildings on campus, with state-of-the-art facilities, comfortable work spaces, meeting rooms, and multipurpose spaces, as well as social spaces... cat/talent/careers/job-openings/......