Senior GRC Security Engineer
hace 2 meses
Company DescriptionWe are SGS - the world's leading testing, inspection and certification company. We are recognized as the global benchmark for sustainability, quality and integrity. Our 99,600 employees operate a network of 2,600 offices and laboratories, working together to enable a better, safer and more interconnected world.Job DescriptionThe Senior GRC Security Engineer will be part of the Technical Security Office (TSO) and will play a critical role in protecting the organization's assets, ensuring regulatory compliance, and managing cyber risk.Specific responsibilities:Implementation and monitoring of security controls: manage the technical security architecture of the organization, implement protective measures, and ensure their effectiveness across the IT environment.Development of security policies and procedures: create, review, and update security policies, procedures, and hardening guides to ensure regulatory compliance and best practices.Support for customer assessments: provide support for customer-requested security evaluations, ensuring alignment with the organization's security standards.Management of security exceptions: evaluate, manage, and document security exception requests, ensuring associated risks are appropriately controlled.Support to business and IT on security requirements: advise business and IT areas on matters related to information security requirements, ensuring that controls are effective and integrated into operational processes.Support for third-party audits: Collaborate on external and internal audits, including ISO 27001 certification audits, financial audits, ITGC (IT General Controls), and other compliance reviews related to information security.Projects: security assessments, findings, product evaluations, propositions for further system security enhancement & S-SDLC.Compliance and audits: Ensure compliance with information security regulations (ISO 27001, GDPR, NIST, NIS2, IA EU Act, etc.) and assist in internal and external audits.Governance and risk management: participate in the development and review of security policies, as well as in the identification, assessment, and mitigation of cybersecurity risks.Evaluation of security technologies: participate in the assessment of security technologies, identify and define system and security requirements, baselines and controls for both the existing environment and new developments in IT infrastructure.Collaboration across departments: work with IT, Development, Business lines and Human Resources departments to ensure that security controls are effective and that policies are correctly applied.Business continuity: design and document business continuity strategies to minimize disruptions in operations due to unforeseen incidents, such as cyber-attacks, natural disasters, or system failures, ensure BCP aligns with organizational risk management strategies and regulatory requirements.Training and security awareness: select training content and lead awareness campaigns. Organize controlled phishing tests for employees to assess and improve the organization's security culture.Dashboards creation and KPI tracking: develop security dashboards and monitor key security performance indicators (KPIs) to track the effectiveness of security controls and identify areas for improvement.Ensure policies help meet compliance with regulatory requirements, including but not limited to ISO27001, GDPR, SOC2, etc.Conduct assessments to identify gaps and make sound recommendations for improvement. Identify acceptable levels of residual risk, and assist with action plans, policy and procedural changes for risk mitigation.Conduct and monitor the enterprise security awareness program, monitoring for compliance across the organization.Prepares documentation, presentations and reports for management.Leads discussions with management regarding policy effectiveness and prepares reports to management communicating results including recommendations to IT Policies to help improve technology and business practices.QualificationsThe ideal person enjoys security work and possesses expertise in the security space, both in depth and in width. Should be quite confident, very curious, extremely open minded and eager to learn and grow in the cyber security area.Qualifications & soft skillsBachelor's degree in computer information systems, Information Technology or related field;Certifications in information security (CISSP, CISM, ISO 27001 Lead Auditor/Implementer, CRISC) are highly desired;At least 3-5 years of experience in a similar information security role, preferably within a technical or internal security office environment;Advanced knowledge of cybersecurity regulations: Experience with frameworks such as ISO 27001, NIST, PCI-DSS, GDPR, among others. Ability to manage compliance audits and GRC (Governance, Risk, and Compliance) reporting;Lead Auditor 27001, CISA, CISSP qualifications would be desirable;Technical knowledge of network, databases and operating system security and understanding of the latest security principles, techniques, concepts and protocols;Training and awareness in security governance, risk, and compliance;Knowledge in the following areas: operating systems, applications, operations (batch processing, monitoring) networking and telecommunications, databases, and logical security;Ability to work independently as well as being a team player, in a fast-paced and international environment;Ability to manage multiple projects concurrently and work under pressure;Strong problem solving and innovative and critical thinking;Fluent in English; knowledge of other languages would be a plus;Proficient in MS Office tools (Excel, Word, PowerBi etc.).Additional InformationThis position is based in our office in Madrid and is an excellent entry point into SGS and will open up opportunities to career development within the Group.
#J-18808-Ljbffr
-
Senior GRC Security Engineer
hace 2 meses
España SGS A tiempo completoSGSEnhancing warfighter support with AI: Streamlining sustainment and supply, empowering personnel, and informing leadership decisions.We are SGS – the world's leading testing, inspection and certification company. We are recognized as the global benchmark for sustainability, quality and integrity. Our 99,600 employees operate a network of 2,600 offices...
-
Senior GRC Security Engineer
hace 2 meses
España SGS A tiempo completoCompany Description We are SGS – the world's leading testing, inspection and certification company. We are recognized as the global benchmark for sustainability, quality and integrity. Our 99,600 employees operate a network of 2,600 offices and laboratories, working together to enable a better, safer and more interconnected world. Job Description The...
-
Senior Grc Security Engineer @ Sgs
hace 4 semanas
España buscojobs España A tiempo completoSGSEnhancing warfighter support with AI: Streamlining sustainment and supply, empowering personnel, and informing leadership decisions.We are SGS – the world's leading testing, inspection and certification company. We are recognized as the global benchmark for sustainability, quality and integrity. Our 99,600 employees operate a network of 2,600 offices...
-
Senior GRC Security Engineer @ SGS
hace 1 mes
España Cyber Crime A tiempo completoSGS Enhancing warfighter support with AI: Streamlining sustainment and supply, empowering personnel, and informing leadership decisions.We are SGS – the world's leading testing, inspection and certification company. We are recognized as the global benchmark for sustainability, quality and integrity. Our 99,600 employees operate a network of 2,600 offices...
-
Global IT Security GRC Analyst
hace 2 meses
España Axalta Coating Systems A tiempo completoJob Description:Axalta has remained at the forefront of the coatings industry by continually investing in innovative solutions. We engineer technologies that protect customers' products - whether they are battling heat, light, corrosion, abrasion, moisture, or chemicals - and add dimension and beauty with colorful finishes. We have a vast and ever-evolving...
-
España TUI A tiempo completoABOUT THE JOB As a Senior Information Security GRC Analyst, you will have experience in the day-to-day management, delivery and tracking of actions towards our assurance and compliance programmes. You will have knowledge and practical experience of regulatory compliance activities (e.g. GDPR) and have a view on how delivery and tracking of compliance actions...
-
Global IT Security GRC Analyst
hace 2 meses
España Axalta Coat. Sys. Spain A tiempo completoAxalta has remained at the forefront of the coatings industry by continually investing in innovative solutions. We engineer technologies that protect customers’ products – whether they are battling heat, light, corrosion, abrasion, moisture, or chemicals – and add dimension and beauty with colorful finishes. We have a vast and ever-evolving portfolio...
-
España TUI A tiempo completoABOUT THE JOB As a Senior Information Security GRC Analyst, you will have experience in the day-to-day management, delivery and tracking of actions towards our assurance and compliance programmes. You will have knowledge and practical experience of regulatory compliance activities (e.g. GDPR) and have a view on how delivery and tracking of compliance actions...
-
GRC Expert
hace 2 meses
España Santander A tiempo completoGRC Expert - Security (ODS) Country: Spain Open Digital Services is a tech company with a unique culture, dedicated to creating innovative products for Santander Group Affiliates. Open Digital Services is part of the Retail & Commercial Division of Santander Group, one of the world's largest financial institutions and the Eurozone's leader, we're committed...
-
Cloud Security Engineer
hace 2 meses
España Bit2Me A tiempo completoVolver a la página principal Cloud Security Engineer Castelló de la Plana · Publicada el 18 de septiembre de 2024 Descripción ¿Te apasiona el reto de trabajar en el mundo cyber a través de la plataforma en la nube? ¿Quieres sumarte al exchange Nº1 en España? Sigue leyendo, porque en Bit2Me buscamos a alguien como tú para unirse a nuestro...
-
GRC Solutions Senior Analyst
hace 2 meses
España Amadeus IT Group A tiempo completoGRC Solutions Senior Analyst - Archer IRMJob Title: GRC Solutions Senior Analyst - Archer IRMSummary of the roleThe GRC (Governance, Risk and Compliance) Solutions Senior Analyst is responsible for defining, building, delivering, and maintaining Risk Management applications in alignment with the Amadeus business strategy. This role will enable Amadeus’ DTS...
-
Senior Network Security Operations Engineer
hace 2 meses
España Kapres Technology, S.L. A tiempo completoDesde Kapres Technology estamos buscando un Network Security Operations Engineer para trabajar con un cliente. Como Network Security Operations Engineer, desempeñará un papel fundamental para garantizar la estabilidad, integridad y seguridad de la infraestructura de red de la organización. Aprovechando su amplia experiencia y conocimientos en operaciones...
-
Security Engineer
hace 3 semanas
España Werfenlife SA. A tiempo completoThe Senior Security Engineer plays a role in identifying, assessing and mitigating vulnerabilities in the organization's systems, networks, and applications. This role involves conducting comprehensive technical assessments, defining security requirements for new systems, and integrating security measures throughout the system development lifecycle. The...
-
España buscojobs España A tiempo completoSenior Information Security Engineer, Product Security Engineering, CloudApplyMinimum QualificationsBachelor's degree or equivalent practical experience.5 years of coding experience in one or more general purpose languages.5 years of experience with security assessments, security design reviews, or threat modeling.5 years of experience with security...
-
España Google A tiempo completoSenior Information Security Engineer, Product Security Engineering, CloudCompany: GoogleGoogle’s mission is to organize the world's information and make it universally accessible and useful.Minimum Qualifications:Bachelor's degree or equivalent practical experience.5 years of coding experience in one or more general purpose languages.5 years of experience...
-
Especialista Senior en Ciberseguridad y GRC
hace 1 mes
España Evolutio A tiempo completoEspecialista Senior en Ciberseguridad y GRCJornada CompletaEspañaProvincia:¿Te gustaría ser un "Superhéroe de la Nube"? Buscamos profesionales que quieran desarrollar los últimos "superpoderes" en nuestras tres áreas tecnológicas clave para dar respuesta a los retos digitales de nuestros clientes: Adopción Cloud, Experiencia Digital y Ciberseguridad...
-
IT Analyst SAP GRC
hace 2 días
España Daikin Europe A tiempo completoDaikin EuropeDaikin provides more than just heating and cooling; take control of your climate with our high quality and energy-efficient solutions for all buildings.Daikin Europe NV (DENV) is a subsidiary of Daikin Industries Limited, a leading developer, producer, and supplier of HVAC-R (heating, ventilation, air conditioning, and refrigeration) solutions....
-
Senior Network Security Operations Engineer
hace 4 semanas
España Kapres Technology, S.L. A tiempo completoDesde Kapres Technology estamos buscando un Network Security Operations Engineer para trabajar con un cliente. Dentro del equipo de Operaciones de Seguridad de Red: - Monitorear y operar soluciones de seguridad como firewalls, NIPS, VPN, soluciones de seguridad en la nube y tecnologías relacionadas. - Realizar análisis integrales de patrones y...
-
Senior Security Automation Engineer
hace 3 semanas
España Celonis A tiempo completoWe're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes - and for that, we need you to join us.The Team:Our Global information security organization is responsible for...
-
IT Analyst SAP GRC
hace 2 días
España Daikin A tiempo completoJob Category: Information Technology SolutionsLocation: Madrid, M, ESJob Requisition ID: 1826Daikin Europe NV (DENV) is a subsidiary of Daikin Industries Limited, a Japanese outstanding company and worldwide the biggest developer, producer and supplier of HVAC-R (heating, ventilation, air conditioning and refrigeration) solutions. DENV is Daikin’s sales,...
