Information Security Administrator

**CEMOLINS SERVICIOS COMPARTIDOS, S.L.**:
Cemolins Servicios Compartidos, S.L. fue creado en el año 2014 con la misión de realizar las funciones de back office de las sociedades del Grupo, centralizando procesos, recopilando el conocimiento y estableciendo sinergias entre las distintas áreas y negocios. A través de la especialización, el conocimiento y la experiência, estandarizamos, mejoramos, consolidamos y optimizamos los recursos humanos, tecnológicos y físicos para ofrecer, con la máxima eficiencia y eficacia el mejor servicio.

**Descripción de la oferta**:
At Cementos Molins we have been creating products and developing innovative and sustainable solutions for the construction sector during ca. 100 years. This enables us to contribute towards the development of society and people's quality of life. Our integrated business model includes aggregates, cement, ready-mix concrete, mortars, precast solutions, urban landscaping, architectural facades, and waste management.

Our long history has been possible thanks to a team over 6,200 employees in twelve countries on four continents, who work every day with passion, respect, and integrity.

We are looking for a talented and dedicated professional to join the Information Security team reporting the Cybersecurity Manager.

The person in this position will be responsible for a broad range of tasks, including the day-to-day administration of cybersecurity tools and devices, as well as first-level and second-level support for security information and incident management. Their role may also include significant responsibilities regarding the security administration of a wide variety of IT systems across the enterprise.

Additionally, as legal and regulatory compliance drivers continue to grow in impact and importance, many of the security administrator's tasks may also be part of an audit support function.

In a world where cybersecurity has become the backbone of all business operations, your role will be key; and you will be able to contribute not only to protect our systems but also be the guardian of our clients’ trust. If you’re ready to take on this challenge and become the unsung hero in the digital age, we invite you to step forward and show that security is more than a job, it’s your passion.

**MAIN RESPONSABILITIES**
- ** Security Operations**
- Participate in the **design, implementation and operation** of different security solutions in place.
- You will need to be involved in heterogeneous projects in order to assure **Security by default** principles, giving the most suitable solutions to meet the right balance between business needs and cybersecurity requirements.
- **Security Management**
- Develop and maintain corporate security policy **documentation** (policies, procedures, guidelines, etc.)
- Lead actions aimed at improving the cybersecurity **culture** of the organization.
- Ensure alignment with **Security Master Plan** and associated budget.
- **Risk Management**
- Track lessons learned from **security incidents** and drive the remediation of audit findings.
- Ensure that **security controls** are effective.
- **Manage risk** in a pragmatic and cost-effective manner to ensure stakeholder confidence.
- **Report** on the overall effectiveness of the security programme in the security domains against defined key performance indicators and drive continuous improvement.
- Continuous and tight collaboration with GRC team.
- **Technology Prescription**
- **Assess and recommend** technologies, tools and solutions.
- Identify opportunities to optimize technology landscape.
- Promote the implementation of new cybersecurity tools to improve the security posture and propose innovative solutions according to the state of the art.

**Requisitos**:

- Bachelor’s/Master’s degree in computer science, Information Technology or a related field.
- Minimum of 2+ years of IT or network security demonstrable experience.
- Strong understanding of business processes and the ability to align technology solutions with business strategies.
- Project management skills with the ability to prioritize and execute multiple initiatives.
- Good understanding of standards and frameworks such as ISO27001, NIST, PCI, OWASP, ITIL and COBIT. CISSP/CISM/CISA and similar certifications will be also appreciated.
- Excellent verbal and written communication skills, with the ability to convey complex technical concepts to non-technical stakeholders.
- Proven leadership skills, to mitigate risks and drive resolution of issues.
- Strong analytical and problem-solving skills, with the ability to address complex issues, evaluate complex technical requirements, constraints and provide effective solutions.
- Competencies: Responsible, proactive, dynamic person, with great work capacity, organization, who pays attention to details. Ability to thrive in a fast-paced and dynamic environment, adapting to changing market conditions and technological advancements to maintain