Governance & It Security Sr Technician

The Governance & IT Security Senior Technician is responsible for executing day-to-day security and governance activities, such as monitoring compliance with security policies, supporting vulnerability management efforts, and conducting IT security assessments.

Key Functions

1. Support the implementation and maintenance of governance frameworks to ensure best practices are applied, following advice from IT Security and Governance Analysts.
2. Assist in developing, implementing, and enforcing policies and procedures to ensure compliance and security across the organization, especially after IT tools have been selected.
3. Help manage regular risk assessments to identify potential risks and vulnerabilities, supporting the IT Security Analyst in developing mitigation strategies.
4. Monitor compliance with internal policies and external regulations, assist in audits, and ensure the organization meets all legal and regulatory requirements.
5. Ensure the lifecycle and capacity planning for all security and corporate technology components.
6. Assist in identifying, assessing, and managing vulnerabilities in the infrastructure, working closely with the IT Security Analyst and understanding CSIRT reports.
7. Maintain detailed documentation of governance and security activities, and prepare reports on compliance status, risk assessments, and security metrics.
8. Collaborate with IT Security and Governance Analysts to align security and governance activities within Cellnex.
9. Assist in developing and delivering training programs to educate employees on governance and security best practices, and pursue self-improvement.
10. Identify opportunities for improving governance and security processes, supporting the implementation of enhancements to increase efficiency and effectiveness.

Qualifications

• University degree in Computer Science, Information Security, Information Technology, or a related field.
• Certifications such as CompTIA Security+, CISA, CISM, CISSP, and Lead Auditor/Implementer ISO 27001 are advantageous.
• 2-3 years of relevant professional experience in IT security, governance, risk, and compliance.
• Knowledge of security principles, compliance assurance, IT security, governance, and risk management.
• Basic understanding of IT infrastructure, network security, incident response, and governance frameworks.
• Familiarity with standards like ISO 27001, NIST, and relevant regulations.

Skills and Characteristics

• Ability to maintain accurate records, logs, and documentation essential for compliance and reporting.
• Strong skills in identifying security risks, analyzing complex data, and troubleshooting security issues.
• Effective communication skills to explain security concepts to both technical and non-technical stakeholders.