Senior Information Security Consultant
hace 4 semanas
**About Advantio**
Established in 2009, Advantio maintains an extensive team of consultants and security testing experts to provide digital security and assurance to its customers. Originally established as a payment compliance market leader, Advantio has grown from an established and leading payment security and compliance organisation in Europe to develop its comprehensive Cyber Security and Managed Security Services expertise - offering consultancy, products, and services to support organisations to first understand or their own cyber security related business risks and then by providing suitable and affordable solutions to manage those risks effectively and to remediate against threats proportionately. Advantio primarily serves the FinTech and Payment Card industries and is recognised by VISA as one of Europe’s top Qualified Security Assessor (QSA) providers.
**Role Mission**
To lead Security Consultancy engagements with clients within financial services and payment card industries. Focusing on delivery of Payment Compliance services, which include but are not limited to:
- PCI specialized assessment (PIN, P2PE, SSF, 3DS, etc.)
- PCI DSS, Swift, PSD2 assessments,
- GAP Analysis,
- Policy and Procedure review.
**Key Responsibilities**
- Lead customer engagements and provide senior cyber security advice and services to a broad range of clients and industries.
- Provide detailed analytical reporting, internal reporting metrics and program management.
- Provide leadership and mentorship to Junior consultants.
**Preliminary Analysis**
- Identifying all the stakeholders, sponsors, technical references (e.g. IT Project Manager, Software Engineer, Security Analyst) of the client in order to define the initial conditions and the needs analysis
**Gap Analysis and Scoping**
- Review of all locations and flows of cardholder data, as well as asset inventories
- Conducting PCI standards interviews to have a complete map of information/data workflows, processes and procedures, payment card data flow, information security controls
- Conducting technical interviews to understand eventual data security problems from in-depth technical point of view
- Producing Scoping and Gap Analysis Documentation
**Remediation**
- Providing the customer with a remediation plan/gap report
- Guiding and supporting all the remediation processes ensuring that the gaps are mitigated correctly
**Formal Assessment**
- Conducting technical interviews to understand eventual data security problems from in-depth technical point of view
- Analysis of network diagrams, asset lists to understand the infrastructure used by the customers
**Documentation**
- Preparation, validation and approval Reports on Compliance (RoC) and/or Reports of Validation (RoV) according to the standard templates provided by PCI SSC
- Preparation, validation and approval of Attestation of Compliance (AoC) and/or Attestation of Validation (AoV) according to the standard templates provided by PCI SSC
- Submission all the documentation to PCI SSC for the final approval in case of PA-DSS/P2PE process (signed RoV, AoV, Implementation Guide and Vendor Release Agreement)
**Knowledge and Skills (PCI QSA)**
- PCI QSA qualification
- P2PE qualification and/or relevant Encryption experience would be a distinct advantage.
- PCI DSS (PA-DSS, P2PE, PCI 3DS), GDPR Knowledge
- Virtualization
- Cloud technologies
- Cryptography techniques including algorithms, key management, and key lifecycle.
- Knowledge of industry standards for cryptographic techniques and key management, including but not limited to, ISO 11568 and 13491, ANSI X9.24 and X9.97, and NIST 140-2 Level 3
- Public key infrastructure (PKI) and the role and operations of a Certification Authority (CA) and Registration Authority (RA)
- Hardware security modules (HSMs) operations, policies, and procedures
- POI key-injection systems and techniques including key-loading devices (KLDs) and key management methods, such as Master/Session or DUKPT
- Physical security techniques for high-security areas
- Relevant PTS Security Requirements (e.g., SRED, SCR, OP)
- Authentication methods and techniques
- Networking (routing, switching, firewall network filtering)
- Operating Systems (Linux/Unix, Windows)
**Values and Competencies**
- Problem Solving (analysis, helicopter view, problem setting, decision making)
- Planning and Organization (time management, scheduling and control)
- Communication (clearness, listening, persuasion)
- Networking (reinforce relationships, use emotional intelligence and personal proximity)
- Results Orientation (delivering solutions, work under pressures
**Advantio Core Values**
- Harmony, always strive to create harmony
- Openness, always be open
- Social Responsibility, be socially responsible
- Timeless, whatever you build make it timeless
- Accommodating, make our customers feel at Home
- Learning, be a Learn it all
- Deliver, Results
-
Senior Security Consultant
hace 4 semanas
Madrid, España NCC Group A tiempo completoThe Opportunity NCC Group provides Information Assurance consultancy to help companies protect critical systems and information. We do this by defining security strategies, conducting compliance audits, developing policies, conducting security maturity and risk assessments and architecture reviews and by delivering security awareness & training...
-
Senior Information Security Consultant
hace 4 semanas
Madrid, España Advantio A tiempo completo**About Advantio** Established in 2009, Advantio maintains an extensive team of consultants and security testing experts to provide digital security and assurance to its customers. Originally established as a payment compliance market leader, Advantio has grown from an established and leading payment security and compliance organisation in Europe to develop...
-
Information Security Analyst
hace 2 semanas
Madrid, España Celonis A tiempo completoThe Team: Our Global information security organization is responsible for security and trust. We manage security and compliance for Celonis. We continuously govern the security program of Celonis and maintain security certifications required by our customers. The Information Security Trust team is looking for a new member in our Governance and Compliance...
-
Information Security
hace 3 semanas
Madrid, España Verisure A tiempo completoDo you want to have an impact every day by making people safe - and bringing them peace of mind? Interested in being part of a dedicated, passionate team which believes that security is a human right? Looking to join a company where innovation and technology are at the heart of its solutions? What we look for Highly motivated individuals with...
-
Information Security
hace 3 semanas
Madrid, España Verisure Sàrl A tiempo completoDo you want to have an impact every day by making people safe - and bringing them peace of mind? Interested in being part of a dedicated, passionate team which believes that security is a human right? Looking to join a company where innovation and technology are at the heart of its solutions? What we look for Highly motivated individuals with...
-
Information Security Analyst
hace 3 semanas
Madrid, España Celonis A tiempo completoWe're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes - and for that, we need you to join us. The Team: Our Global information security organization is responsible...
-
Information Security Engineer
hace 7 días
Madrid, España White Hat Gaming A tiempo completo**About White Hat Gaming** Founded in 2012, White Hat Gaming (WHG) is an online casino technology and services company with offices in Malta, London, Gibraltar, Chicago, and Cape Town. With a global team of over 550 specialists, we provide market-leading content, including Kambi Sportsbook and over 100 leading games providers. We promote and foster a...
-
Sr Information Security Grc Analyst
hace 2 días
Madrid, España OneTrust A tiempo completo**Strength in Trust**: At OneTrust, we help businesses around the world to make trust a competitive advantage. Our category-defining enterprise platform enables organizations to operationalize trust across privacy, security, data governance, GRC, third-party risk, ethics, and compliance, and ESG. **The Challenge**: We are looking for a dynamic Information...
-
Senior Consultant
hace 5 días
Madrid, España NCC Group A tiempo completoPosition Title: Senior Consultant Location: Spain Role Purpose: - As a Senior consultant at NCC Group's EU Consulting and Implementation (C&I) division, your role is pivotal in providing Information Assurance consultancy to businesses, aiding them in safeguarding critical systems and information assets. Your responsibilities will include building and...
-
Privacy and Information Security Analyst
hace 4 semanas
Madrid, España goFLUENT A tiempo completogoFLUENT is fundamentally disrupting the language learning market around the world, helping companies design a global digital training strategy for their employees. goFLUENT accelerates the process of learning language through its platform, a unique blend of AI-powered technology, unmatched content library, and human interaction. We are a mission-driven...
-
Senior Platform Security Engineer
hace 2 semanas
Madrid, España Celonis A tiempo completoThe Team: Our Global information security organization is responsible for security and trust. We think about security-offensively and defensively. We continuously monitor our global security posture and are always adapting to the ever-changing threat landscape. The security engineering team is always looking for talented subject matter experts in...
-
Information Security Project Manager
hace 3 semanas
Madrid, España Verisure Sàrl A tiempo completoVerisure is a global leading provider of professionally monitored security solutions. We are an international company with a start-up mindset, fast, agile and lean, high performance and value driven. The Verisure Group creates services and products for smarter, safer and more secure homes, serving customers throughout Europe and LatAm. The Verisure...
-
Information Security Project Manager
hace 3 semanas
Madrid, España Verisure A tiempo completoVerisure is a global leading provider of professionally monitored security solutions. We are an international company with a start-up mindset, fast, agile and lean, high performance and value driven. The Verisure Group creates services and products for smarter, safer and more secure homes, serving customers throughout Europe and LatAm. The Verisure...
-
Vp Information and Product Security
hace 4 semanas
Madrid, España Nexthink A tiempo completoCompany Description Nexthink is the global leader in digital employee experience management. Our products allow enterprises to create highly productive digital workplaces for their employees by delivering optimal end-user experiences. Through a unique combination of real-time analytics, automation and employee feedback, Nexthink gives IT teams the insight...
-
Senior Consultant
hace 4 días
Madrid, España NCC Group A tiempo completoPosition Title: Senior Consultant Location: Spain Role Purpose: As a Senior consultant at NCC Group's EU Consulting and Implementation (C&I) division, your role is pivotal in providing Information Assurance consultancy to businesses, aiding them in safeguarding critical systems and information assets. Your responsibilities will include building...
-
Data Engineer Senior Consultant
hace 4 semanas
Madrid, España Jakala A tiempo completo**General information**: **Office** Madrid **Country** Spain **Date Published** 12-Apr-2024 **Ref #** 1188 **Area** IT and Information Systems **Type of Presence** Hybrid **Description & Requirements**: **Data Engineer Senior Consultant** Actualmente estamos buscando un perfil de Data Engineer Senior Consultant para que se incorpore al equipo de...
-
Cyber Security Engineer
hace 3 semanas
Madrid, España SGS A tiempo completoJob Description We are seeking a highly skilled and detail-oriented professional to join our team as a Cyber Security Consultant. As a Cyber Security Consultant, you will be responsible for evaluating and assessing the security functionality of information technology products based on the Common Criteria standard. Your role will involve conducting...
-
Galileo Gsmc Information Security Engineer Madrid Area
hace 1 semana
Madrid, España Esyen Spain A tiempo completoGALILEO GSMC INFORMATION SECURITY ENGINEERMadrid Area ESYEN, as partner of Thales Alenia Space France, is currently looking for 1 GSMC Information Security Engineer to be part of the Galileo GSMC team. The position is based in the Galileo Security Monitoring Centre Spain, Madrid – Spain REQUIRED SKILLS The successful candidate owns the following: Academic...
-
SAP Wm Consultant
hace 5 días
Madrid, España Akkodis A tiempo completoOne of our end clients is looking for fluent English speaking senior SAP WM (Warehouse Management) consultant for a full time - 40h/wh - 7 months freelance contract opportunity. This is for a brand-new implementation project, where we are looking for someone with hands on experience in implementation and configuration. Ideally we are looking for a senior...
-
Data and Technical Information Security, Hibrido
hace 4 días
Madrid, España CAS TRAINING A tiempo completoData and technical information security en hibrido. Data and technical information security specialist Professional with experience in implementing technical solutions to mitigate the risk of data leakage. Knowledge of data protection and privacy regulations. With high technical knowledge that allows you to maintain disaster recovery procedures. English as a...