Senior GRC Security Engineer
hace 2 días
Company Description
We are SGS – the world's leading testing, inspection and certification company. We are recognized as the global benchmark for sustainability, quality and integrity. Our 99,600 employees operate a network of 2,600 offices and laboratories, working together to enable a better, safer and more interconnected world.
Job DescriptionThe Senior GRC Security Engineer will be part of the Technical Security Office (TSO) and will play a critical role in protecting the organization’s assets, ensuring regulatory compliance, and managing cyber risk.
Specific responsibilities:
- Implementation and monitoring of security controls: manage the technical security architecture of the organization, implement protective measures, and ensure their effectiveness across the IT environment.
- Development of security policies and procedures: create, review, and update security policies, procedures, and hardening guides to ensure regulatory compliance and best practices.
- Support for customer assessments: provide support for customer-requested security evaluations, ensuring alignment with the organization’s security standards.
- Management of security exceptions: evaluate, manage, and document security exception requests, ensuring associated risks are appropriately controlled.
- Support to business and IT on security requirements: advise business and IT areas on matters related to information security requirements, ensuring that controls are effective and integrated into operational processes.
- Support for third-party audits: Collaborate on external and internal audits, including ISO 27001 certification audits, financial audits, ITGC (IT General Controls), and other compliance reviews related to information security.
- Projects: security assessments, findings, product evaluations, propositions for further system security enhancement & S-SDLC.
- Compliance and audits: Ensure compliance with information security regulations (ISO 27001, GDPR, NIST, NIS2, IA EU Act, etc) and assist in internal and external audits.
- Governance and risk management: participate in the development and review of security policies, as well as in the identification, assessment, and mitigation of cybersecurity risks.
- Evaluation of security technologies: participate in the assessment of security technologies, identify and define system and security requirements, baselines and controls for both the existing environment and new developments in IT infrastructure.
- Collaboration across departments: work with IT, Development, Business lines and Human Resources departments to ensure that security controls are effective and that policies are correctly applied.
- Business continuity: design and document business continuity strategies to minimize disruptions in operations due to unforeseen incidents, such as cyber-attacks, natural disasters, or system failures, ensure BCP aligns with organizational risk management strategies and regulatory requirements.
- Select training content and lead awareness campaigns and monitor compliance across the organization.
- Dashboards creation and KPI tracking: develop security dashboards and monitor key security performance indicators (KPIs) to track the effectiveness of security controls and identify areas for improvement.
- Ensure policies help meet compliance with regulatory requirements, including but not limited to ISO 27001, GDPR, SOC2, etc.
- Conduct assessments to identify gaps and make sound recommendations for improvement. Identify acceptable levels of residual risk, and assist with action plans, policy and procedural changes for risk mitigation.
- Prepares documentation, presentations and lead discussions with management regarding policy effectiveness and prepares reports to management communicating results including recommendations to IT Policies to help improve technology and business practices.
Qualifications
Please submit English CV
The ideal person enjoys security work and possesses expertise in the security space, both in depth and in width. Should be quite confident, very curious, extremely open minded and eager to learn and grow in the cyber security area.
Qualifications & soft skills
- Bachelor’s degree in computer information systems, Information Technology or related field;
- Certifications in information security (CISSP, CISM, ISO 27001 Lead Auditor/Implementer, CRISC) are highly desired;
- At least 3-5 years of experience in a similar information security role, preferably within a technical or internal security office environment;
- Advanced knowledge of cybersecurity regulations: Experience with frameworks such as ISO 27001, NIST, PCI-DSS, GDPR, among others. Ability to manage compliance audits and GRC (Governance, Risk, and Compliance) reporting;
- Lead Auditor 27001, CISA, CISSP qualifications would be desirable;
- Technical knowledge of network, databases and operating system security and understanding of the latest security principles, techniques, concepts and protocols;
- Training and awareness in security governance, risk, and compliance;
- Knowledge in the following areas: operating systems, applications, operations (batch processing, monitoring) networking and telecommunications, databases, and logical security;
- Ability to work independently as well as being a team player, in a fast-paced and international environment;
- Ability to manage multiple projects concurrently and work under pressure;
- Strong problem solving and innovative and critical thinking;
- Fluent in English; knowledge of other languages would be a plus;
- Proficient in MS Office tools (Excel, Word, PowerBi etc.).
This position is based in our office in Madrid and is an excellent entry point into SGS and will open up opportunities to career development within the Group.
#J-18808-Ljbffr-
Centro, España TUI A tiempo completoABOUT THE JOB As a Senior Information Security GRC Analyst, you will have experience in the day-to-day management, delivery and tracking of actions towards our assurance and compliance programmes. You will have knowledge and practical experience of regulatory compliance activities (e.g. GDPR) and have a view on how delivery and tracking of compliance actions...
-
Consultor Senior GRC, Madrid
hace 2 días
Centro, España Michael Page A tiempo completoConsultor Senior GRC en Madrid.Perfil buscado (Hombre/Mujer): Gestionar y supervisar la implementación de políticas y procedimientos GRC. Proporcionar asesoramiento estratégico a los clientes en cuestiones de GRC. Desarrollar e implementar programas de formación GRC. Mantenerse al día con las tendencias y regulaciones de la industria de Tecnología y...
-
GRC Solutions Senior Analyst
hace 1 mes
Centro, España Amadeus A tiempo completoGRC Solutions Senior Analyst - Archer IRM GRC Solutions Senior Analyst - Archer IRM Job Title Job Title GRC Solutions Senior Analyst - Archer IRMSummary of the role The GRC (Governance, Risk and Compliance) Solutions Senior Analyst is responsible for defining, building, delivering, and maintaining Risk Management applications in...
-
GRC Solutions Senior Analyst
hace 1 mes
Centro, España Amadeus IT Group A tiempo completoGRC Solutions Senior Analyst - Archer IRM Job Title: GRC Solutions Senior Analyst - Archer IRM Summary of the role The GRC (Governance, Risk and Compliance) Solutions Senior Analyst is responsible for defining, building, delivering, and maintaining Risk Management applications in alignment with the Amadeus business strategy. This role will enable...
-
Senior Networking
hace 2 meses
Centro, España ING A tiempo completoAt ING we are looking for Senior Networking & Security Infrastructure Engineer Your role and work environment: We are looking for a talented and enthusiastic Senior Networking & Security Infrastructure Engineer to join our Networking & Security Infrastructure Team of Cloud & Tech Foundation Tribe. The responsibility of this team is to manage IT-network &...
-
Information Security, Risk
hace 2 meses
Centro, España Fever España A tiempo completoHi, we’re Fever. We’re excited you are checking out this job offer. We are the leading global live-entertainment discovery tech platform with a clear mission: to democratize access to culture and entertainment. How do we achieve our mission? Fever has developed a proprietary technology that inspires a global community of over 125M people through...
-
Senior Systems Technical Support Engineer
hace 1 mes
Centro, España SAS A tiempo completoSenior Systems Technical Support Engineer - Hybrid About the job The Global MidTier Technical Support Engineer team is looking for a Senior Systems Technical Support Engineer to provide technical support for enterprise-class SAS software application and/or solutions installations by applying knowledge of a particular platform or set of industry...
-
Senior Data Engineer
hace 2 meses
Centro, España Civitatis A tiempo completo¿Te apasionan los viajes, la cultura y el ocio y tienes ganas de participar en el crecimiento de la empresa Nº 1 en servicios turísticos en español?Nuestro equipo no para de crecer y buscamos personas con talento e ilusión por desarrollarse. Somos un equipo joven, multicultural e innovador que entiende cada día como un desafío y una nueva oportunidad...
-
Cybersecurity Engineer
hace 2 meses
Centro, España Alstom A tiempo completoAt Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, 80,000 colleagues lead the way to greener and smarter mobility worldwide,...
-
Datacenter Senior Mechanical Engineer
hace 2 meses
Centro, España Microsoft A tiempo completoOverview This Senior Mechanical Engineer position will fulfill an on-site role at Microsoft Datacenter campus, supporting ongoing construction activities. This role will serve as a daily on-site presence to review progress and support quality design of multiple concurrent datacenter builds. The position will be responsible for monitoring progress for...
-
Senior DevOps Engineer
hace 2 días
Centro, España BASF SE A tiempo completoWHAT YOU CAN EXPECT We are seeking an experienced Senior DevOps Engineer with specialized skills in Microsoft Azure and database management to join our team. The ideal candidate will have extensive experience in automating and optimizing CI/CD pipelines, managing Azure cloud infrastructure, and ensuring the reliability, scalability, and performance of...
-
Cybersecurity Engineer
hace 2 días
Centro, España ALSTOM Gruppe A tiempo completoCybersecurity Engineer Date: 30 Jul 2024 Location: Madrid, MD, ES Company: Alstom At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry....
-
Senior DevOps Engineer
hace 2 días
Centro, España BASF SE A tiempo completoJOIN THE TEAM DevHub is a cloud-based developer platform designed to streamline developers' work at BASF, providing essential tools and resources to ensure customer satisfaction. From infrastructure to developer tooling and security, the platform offers a feature-rich DevOps / MLOps experience. We are seeking a highly motivated and detail-oriented...
-
Senior Machine Learning Engineer
hace 1 mes
Centro, España Nielseniq A tiempo completoNIQ is seeking a highly skilled and experienced Senior ML Engineer to join our dynamic team. As a Senior ML Engineer at NIQ, you will play a crucial role in developing and implementing advanced AI/GenAI models and algorithms to solve complex business problems. You will collaborate closely with cross-functional teams to design, build, and deploy scalable...
-
Senior Pipeline Engineer
hace 3 horas
Centro, España CALIFORNIA MUSEUM-PHOTOGRAPHY A tiempo completoJob Title: Senior Pipeline Engineer As a Senior Pipeline Engineer, you will define, develop, test, analyze, and maintain software applications and libraries for the global feature animation pipeline by employing industry best practices. You will also research, design, document, and modify software specifications throughout the production life cycle. As a...
-
Senior Security Specialist Remediation
hace 2 días
Centro, España BASF SE A tiempo completoSenior Security Specialist Remediation (m/f/d) At BASF Digital Hub Madrid we develop innovative digital solutions for BASF, create new exciting customer experiences and business growth, and drive efficiencies in processes, helping to strengthen BASF´s position as the digital leader in the chemical industry. We believe the right path is through creativity,...
-
Senior PSA Engineer for Accident Analysis
hace 2 días
Centro, España Holtec International A tiempo completoHoltec International is an Equal Opportunity Employer. For applicable non-exempt positions, benefits include but are not limited to health and dental insurance, 401K retirement plan, and tuition reimbursement. Holtec International is a diversified energy technology company with its Corporate Technology Center located in Camden, New Jersey in the South Jersey...
-
Senior Data Engineer
hace 2 meses
Centro, España Growara A tiempo completoEstamos ayudando a una startup health tech súper top que está revolucionando el acceso a la salud gracias a la tecnología. Buscamos a alguien que se una al equipo como Senior Data Engineer para ayudarles a seguir mejorando la vida de las personas a través de datos. ¿Te animas?¿CUÁL ES SU PROPÓSITO?Son una startup con oficinas en Madrid y Barcelona, y...
-
Senior Software Engineer-Kubernetes Infrastructure
hace 2 meses
Centro, España New Relic, Inc. A tiempo completoSenior Software Engineer - Kubernetes Infrastructure Location: Fully Remote or Hybrid (works from home and New Relic office throughout the week) Your Opportunity: At New Relic, we provide our customers real-time insights, so they can innovate faster. Our software delivers insightful observability tools across different technologies and distributed systems,...
-
Senior Data Engineer
hace 1 mes
Centro, España Logicalis Spain A tiempo completoEn Logicalis Spain estamos buscando a un perfil de Data Engineer con conocimientos de modelos de datos analíticos (en estrella), SQL y Python para el área de Data & Analytics y para el área de Data de uno de nuestros principales clientes del sector seguros. Requisitos Funcionales Buscamos a un/a ingeniero/a de datos senior. Requisitos Técnicos: ...
