Security Risk Management Specialist

hace 2 meses

Barcelona, España Canonical A tiempo completo
In security risk management we're looking to harness the power of industry best practice combined with driving new innovation on how we do security risk assessments and modelling. Our security risk management team is the primary owner of the strategy and practices of how we identify, track and reduce our security risk across everything we do.

To support this we need to use industry best practices paired with emerging threat information to to promote risk identification, quantification, impact analysis, and modelling to ultimately drive decision making. In this role, you will help establish and execute a broad strategic vision for the security risk program at Canonical. You will not only work within the team but also cross-functionally with various teams across the organisation. The team contributes ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attacks. Additionally, the team collaborates with our Organisational Learning and Development team to develop playbooks and facilitate security training across Canonical.

The security risk management team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role:

  • Define Canonical's security risk management standards and playbooks
  • Analyse and improve Canonical's security risk practices
  • Evaluate, select and implement new security requirements, tools and practices
  • Grow the presence and thought leadership of Canonical security risk management practice
  • Develop Canonical security risk learning and development materials
  • Work with Security leadership to present information and influence change
  • Participate in developing key risk indicators, provide inputs to the development of key control indicators, and key performance indicators for various programs
  • Apply statistical models to risk frameworks (such as FAIR, sensitivity analysis, and others)
  • Participate in risk management, decision-making, and collaborative discussions
  • Lead quantified risk assessments and understand the value of qualitative data for improvements to quality and engineering processes
  • Interpret internal or external cyber security risk analyses in business terms and recommend a responsible course of action
  • Develop templates and materials to help with self-service risk management actions
  • Monitor and identify opportunities to improve the effectiveness of risk management processes
  • Launch campaigns to perform security assessments and help mitigate security risks across the company
  • Build evaluation methods and performance indicators to measure efficiency of security functions and capabilities.

    What we are looking for

    • An exceptional academic track record
    • Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
    • Drive and a track record of going above-and-beyond expectations
    • Deep personal motivation to be at the forefront of technology security
    • Leadership and management ability
    • Excellent business English writing and presentation skills
    • Problem-solver with excellent communication skills, a deep technical understanding of security assessments and risk management
    • Expertise in threat modelling and risk management frameworks
    • Broad knowledge of how to operationalize the management of security risk
    • Experience in Secure Development Lifecycle and Security by Design methodology

      What we offer you

      We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

      • Distributed work environment with twice-yearly team sprints in person
      • Personal learning and development budget of USD 2,000 per year
      • Annual compensation review
      • Recognition rewards
      • Annual holiday leave
      • Maternity and paternity leave
      • Employee Assistance Programme
      • Opportunity to travel to new locations to meet colleagues
      • Priority Pass, and travel upgrades for long haul company events

        About Canonical

        Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game.

        Canonical is an equal opportunity employer

        We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

  • Information Security Specialist

    hace 4 semanas

    Barcelona, España Bitpanda Gmbh A tiempo completo

    Your mission As an Information Security Specialist, you will have a key role in ensuring security posture at Bitpanda in the InfoSec team. You will be responsible for the planning and implementation of compliance standards, improving IT governance level and participate in IT Risk management. You will also conduct regular cyber risk assessments to ensure an...

  • Information Security Specialist

    hace 3 semanas

    Barcelona, España Bitpanda Gmbh A tiempo completo

    Your mission As an Information Security Specialist, you will have a key role in ensuring security posture at Bitpanda in the InfoSec team. You will be responsible for the planning and implementation of compliance standards, improving IT governance level and participate in IT Risk management. You will also conduct regular cyber risk assessments to ensure an...

  • Risk Management Analyst

    hace 1 mes

    Barcelona, España TD SYNNEX A tiempo completo

    The Cyber Risk Management Analyst is responsible for assessing risk and compliance for the informational and system assets of TD SYNNEX and its suppliers. Will be responsible for executing the implementation of the organization-wide ISMS risk management function of the information security program to ensure information security risks are identified, assessed...

  • Cyber Security Specialist

    hace 3 semanas

    Barcelona, España Recooty A tiempo completo

    Cyber Security Specialist - Dabster Group Back to all jobs Cyber Security Specialist Barcelona, Catalonia, Spain 08 May 2019 Job Responsibilities Working collaboratively to detect and respond to information security incidents and vulnerabilities, maintaining and following procedures for security events alerting and security vulnerabilities reports, and...

  • Risk Management Support

    hace 1 mes

    Barcelona, España ATG Europe A tiempo completo

    Support F4E with the maintenance and continuous improvement of risk management procedures, policies and process; - Maintain and provide training to F4E staff on Risk & opportunity management; - Prepare and facilitate risk management workshops for identification of risk and opportunities; - Prepare and facilitate risk management workshops for assessment in...

  • Security Governance

    hace 1 mes

    Barcelona, España Dentsu Aegis Network A tiempo completo

    The purpose of this role is to contribute to the ongoing development of client focused security initiatives, standards and compliance strategy. Provide information security support and advisory services to our Brands, for managing clients’ security requirements, agreements and assessment programmes. The Security Governance & Risk Analyst will be...

  • Security Governance

    hace 4 semanas

    Barcelona, España dentsu A tiempo completo

    The purpose of this role is to contribute to the ongoing development of client focused security initiatives, standards and compliance strategy. Provide information security support and advisory services to our Brands, for managing clients’ security requirements, agreements and assessment programmes. The Security Governance & Risk Analyst will be...

  • Security Risk Assessment Specialist

    hace 3 semanas

    Barcelona, España D-ploy A tiempo completo

    D-ploy is an IT and Engineering Solutions company with operations throughout the EMEA region including Switzerland, Germany, Czech Republic, Austria, UK, as well as the USA. We pride ourselves on delivering innovative and superior services and solutions to numerous industry-leading clients. By building relationships and trusted partnerships within the IT...

  • Security & Risk Analyst

    hace 1 mes

    Barcelona, España Eurofins A tiempo completo

    Company Description **_ Why are we here?_** You may not know our name but we can guarantee you know our work - all we do has a positive impact on life, health and the environment. Eurofins is by your side every day, from the food you eat to the medicines you rely on. We work with the biggest companies in the world, making sure the products they supply are...

  • IT Security Specialist

    hace 1 mes

    Barcelona, España K-LAGAN A tiempo completo

    IT Security Specialist Location: Barcelona, hybrid. In K-LAGAN we are waiting for you to continue growing together! We are a strategic international technology services company, essentially committed to its team and to society. We offer solutions in IT services, engineering developments, electronics, and R&D projects. Our commitment is to hire the...

  • IT Security Risk Analyst

    hace 1 mes

    Barcelona, España Eurofins A tiempo completo

    Company Description **_ Why are we here?_** You may not know our name but we can guarantee you know our work - all we do has a positive impact on life, health and the environment. Eurofins is by your side every day, from the food you eat to the medicines you rely on. We work with the biggest companies in the world, making sure the products they supply are...

  • Information Security Consultant

    hace 4 semanas

    Barcelona, España Zurich Insurance Company A tiempo completo

    Our opportunity As an Information Security Consultant within Group Cyber and Security you will work with local, regional, and global IT, Service Providers and Zurich business functions to manage compliance, information security and IT risks to support the Business objectives of the Group. As part of this role, you will provide subject matter...

  • Regional Security Manager

    hace 1 mes

    Barcelona, España Colt Technology Services A tiempo completo

    Colt provides network, voice and data centre services to thousands of businesses around the world, allowing them to focus on delivering their business goals instead of the underlying infrastructure. LI-DNI **Role purpose** To act as a focal point for physical security operations, risk management and audits within the European Region and UK; providing a...

  • Security Specialist, 100% En Remoto

    hace 3 semanas

    Barcelona, España Social You A tiempo completo

    Security Specialist en 100% En remoto. Se requiere un perfil de Administración de repositorios de identidad de tipo LDAP (Redhat DS Oracle DS AD etc.). Monitorización supervisión y gestión de logs Throubleshooting Creación de automatismos con Shell script y Ansible. Experiencia 3 años el el Rol indicado Teletrabajo 100 LDAP, Redhat DS, Oracle DS, Shell...

  • Ot Security Specialist

    hace 3 semanas

    Barcelona, España Ag Solution Nv A tiempo completo

    OT security is a specialized branch in Cybersecurity. Our specialists are passionate in finding the equilibrium in between securing industrial environments and ensuring excelling production performance and continuity. Following the industrial standards (and beyond) we provide our customers with state ofthe art assessments, architectural solutions, tools and...

  • Governance & Risk Management Expert (Barcelona, English, Hybrid, GRC systems)

    hace 3 semanas

    Barcelona, España D-ploy A tiempo completo

    D-ploy is an IT and Engineering Solutions company with operations throughout the EMEA region including Switzerland, Germany, Czech Republic, Austria, UK, as well as the USA. We pride ourselves on delivering innovative and superior services and solutions to numerous industry-leading clients. By building relationships and trusted partnerships within the IT...

  • Security Governance, Risk, and Compliance Senior

    hace 4 semanas

    Barcelona, España Fluidra A tiempo completo

    **We are a leading company in the global pool & wellness industry**: Fluidra, a multinational group listed on the Spanish Stock Exchange, is the global leader in the pool and wellness industry. Founded in 1969, Fluidra has long-standing experience in developing innovative products and services in the global residential and commercial pool market. Fluidra...

  • Head of Compliance, Csv and Risk Management

    hace 1 mes

    Barcelona, España Arxada A tiempo completo

    Head of Compliance, CSV & Risk Management Arxada is a pioneering leader with a powerful legacy: Over 120 years of creating specialty chemicals and solutions that potentiate the performance of our customers and their products. Our solutions, our expertise and our support help them to perform better - to be more efficient, more effective and more sustainable....

  • Risk & Compliance Manager

    hace 2 días

    Barcelona, España Pno Consultants A tiempo completo

    CiaoTech, PNO Consultants Netherlands, PNO Innovation SpainPNO is looking for a Risk and Compliance Manager! In this position you will play a crucial role in ensuring that PNO Group operates in a compliant and risk-aware manner. As a company operating in 9 countries in Europe it will be quite the challenge. Your primary goal will be to establish and maintain...

  • IT Security Manager

    hace 1 mes

    Barcelona, España Setesca Talent A tiempo completo

    Descripción Our customer,an international holding company leader in the field of gaming is looking for an IT Security Manager. **The mission of this role** Leading the IT security and risk management functions while defining the IT security strategy. In addition, you will be accountable to define the IT infrastructure roadmap, supervising a team of IT...