Infosec Advisor

As Infosec Advisor, you will be the source of security information for Adevinta Marketplaces and for the central Adevinta Infosec team. You will work on threat modelling, audits, policy evaluation, tool evaluation, and a variety of other subjects related to security. You will interact with stakeholders in the Marketplace and ensure the delivery of the central Infosec services to the Marketplace, ensuring quality and impact of the service delivery, involving yourself in their projects, and representing the Marketplace interests to the rest of the Infosec Tribe.

This position requires autonomy, pro-activeness, information organisation skills, expertise in some fields of information security, and a broad understanding of information security in the cloud, specifically in AWS.

• You will fulfil the role of subject-matter expert for one or several fields of information security. You will support the Infosec Partners who interface with the different Adevinta Marketplaces. You will accomplish this by conducting deep analysis of different subjects, handling projects, collating information, assisting with incidents, and recommending actions based on your expertise and on your knowledge of the Adevinta Infosec policies.

• At a high level of seniority, you will assist in shaping the Adevinta Infosec Policies.

• You will report to the Infosec Advisor Manager.

• You will work in a hybrid remote/on-site environment, with the team physically spread across different geolocations (Adevinta’s hubs: Barcelona & Amsterdam).

• You may be required to travel occasionally, mainly inside the EU, to our main hubs and to the Marketplaces.

• You have strong analytical skills, with the ability to synthesise complex data into actionable insights.

• You have a passion for security.

• You have expertise in at least one and preferably several of the following subjects:

  • Threat modelling

  • Information security auditing

  • AWS security architecture

  • Web application security

  • Secure coding

• You have fundamental knowledge of Information Security, as well as of applicable industry frameworks and regulations, such as ISO 27001, OWASP, and GDPR.

• You are familiar with cloud technologies (preferably AWS) and their security implications.

• You have the ability to adapt to different and changing circumstances.

• You deal with problems by taking ownership and by collaborating with others.

• You are fluent in English (spoken and written). Knowledge of French, German, Spanish or Italian is a plus.

• You are comfortable in a multicultural environment.

• Familiarity with Agile work methods

• Public or private presentations

• Open source contributions

• Participation in conferences and training

• Relevant certifications