Ciberseguridad à Espagne

We are looking for a Cybersecurity Director that will manage the entire lifecycle of vulnerabilities from discovery, triage, advising, remediation, and validation.

He / she will be also responsible for management of internal and external penetration tests, track to completion and create metrics to demonstrate progress and maturity.

• Perform comprehensive vulnerability assessments using best in class solutions.
• Review security vulnerabilities across a variety of technologies and environments.
• Validates the vulnerabilities identified against the different frameworks.
• Monitor, detect, and analyze cybersecurity threats using a variety of security tools.
• In close contact with our external SOC, you are responsible for the continuous monitoring of the information security landscape and responding security events.
• Perform deep-dive incident analysis by correlating data from various sources.
• Collaborate with incident responders in steps to investigate and resolve information security incidents.
• Producing effective metrics, dashboard and reports.
• Keep up to date with current vulnerabilities, attacks, and countermeasures.
• Develop and improve information security processes.
• Responsible for conducting regular phishing tests and trainings for users on how to deal with cybersecurity threats.

Education: Preferably, Bachelor degree in Information Security, Computer science or equivalent. Official certification like CISSP, CISM, ITILv4 will be valuable.

Certification in SC-400 (Implement Information Protection in Microsoft 365) and SC-200 (Mitigate threats using Microsoft Defender XDR) will be valuable.

Experience: We are looking for a senior profile, fluent in English, with, at least 5 years of related professional experience in Information and Cybersecurity environment, Information Security Analyst or similar role.

• Experience in ISO 27001 and / or IEC 62443.
• Good knowledge of Advanced Persistent Threat detection, data loss prevention, vulnerability analysis and mitigation, Public Key Infrastructure, communications and information encryption.
• Understanding of security baselines for Microsoft 365 solution.
• Experience with information security penetration testing and techniques.
• Experience working in a project management, implementing and coordinating cybersecurity action plan.
• Knowledge of information security landscapes like Firewalls, Proxies, SIEM, Anti-Malware, IDS…etc.
• Handling of security risk management methods.

• Strong conceptual thinking, troubleshooting and analytical skills.
• Highly organized, detailed oriented and completeness.
• Pro-active and eager to learn.