Senior Cybersecurity Strategist with Italian - Senior - EY GDS Spain - Hybrid

The opportunity

Join our dynamic Cybersecurity team where your expertise will play a pivotal role in safeguarding organizations against evolving threats and enhancing resilience through innovative solutions and strategic insights!

As a member of our team in the EY GDS Spain office in Malaga, you’ll have a chance to extend your knowledge & experience by working on interesting projects with the newest technologies and approaches. You’ll support clients in choosing the most suitable business solution and take part in digital transformation.

Your key responsibilities

You will take on a variety of critical responsibilities that directly contribute to our mission of enhancing organizational security and resilience. Your expertise will be essential in ensuring compliance, managing risks, and fostering a culture of security awareness throughout the organization.

• Document review of policies and documentation related to Cybersecurity.
• Conducting assessments on suppliers as part of Third Party Risk Management (TPRM).
• Compliance verification against standards and regulations in Cybersecurity, such as ISO 27001, NIST, NIS2, and ISO 22301.
• Enhancing organizational awareness in resilience through training and simulation activities.
• Definition, implementation, and maintenance of Business Continuity Management Systems, as well as the development of plans, procedures, and strategies for Business Continuity Management, Disaster Recovery, and Crisis Management.
• Risk evaluation in the context of risk assessment and vulnerability management.
• Activities in Cybersecurity Governance, Risk and Compliance, Data Protection, and Security Culture & Awareness.

Skills and attributes for success

To succeed in this role, you'll benefit from a good understanding of international cybersecurity standards and regulations, along with some experience in risk assessment.

• Knowledge of international standards and frameworks in Cybersecurity, privacy, and resilience (ISO 27001, NIST, ISO 22301, GDPR).
• Familiarity with national and EU regulations regarding cybersecurity and resilience (NIS directive, CER directive, etc.).
• Experience in risk assessment.

To qualify for the role, you must have

• A Bachelor’s degree in Computer Science, Business Administration, IT, or a related field (or equivalent practical experience).
• Good organizational and analytical skills.
• Excellent interpersonal skills and teamwork attitude.
• Project management.