Consultor Senior Ciberseguridad

**Hello We are **CAPGEMINI,
**We are very lucky to work in a sector that is leading the evolution towards a sustainable and inclusive future. The technology. The catalyst for so many solutions that we need now more than ever.
**We are **360,000 PEOPLE **around the world moving forward together and driven by the same passion. No matter where we are, we can be at home, in the office, a thousand kilometers away from each other, but we are aware that **OUR WORK COUNTS.
**What will you do in the project?
**In this role, you will support and participate in some of our clients' projects while maintaining a control and management approach, as well as identifying, evaluating and managing IT and Security risks, mainly through evaluation and advice related to Governance, Risk and Compliance (GRC) issues. Among the expected projects would be both the development of evaluations vs. Frameworks and standards known as the execution of audits from a security point of view. You will advise and challenge control and mitigation plans, from a systems and security point of view, and with a business focus, providing support and advice on best practices in your companies and locations.
**Responsibilities:
- **Act as an auditor, assessor and coordinator of security requirements, and ensure that security requirements are met in those scopes indicated by the target work.**:

- **Provide evaluation reports to the management team with clearly agreed findings, recommendations, and management action plans.**:

- **Contribute in the preparation and execution phases of security audits (NIST Controls, CIS, ISO27001) from the clients' Security perspective.**:

- **Develop and maintain safety support material (e.g., models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.**:

- **Collaborate with other security teams and security professionals to share best practices and knowledge.**:

- **Participate in key projects to independently provide safety requirements, assess risks, and ensure appropriate risk mitigation measures have been taken.**:

- **Work closely with the Group's Office of Technology, Internal Audit, Risk Management, Information Security Assurance Teams at Security and other global stakeholders to maintain compliance with Group Security, regulatory and industry requirements.**:

- **Provide expertise in Information Security policies, standards, and processes.**:

- **Creation and review of documentation.**:

- **Stay up-to-date on cybersecurity regulations and standards, for different sectors and areas (DORA, NIS2, EIOPA,...)
**To feel comfortable in the position, you need to be able to get along well with:
- **Bachelor's degree from an accredited college/university.**:

- **Minimum 2+ years dedicated to the field of Information Technology (IT)**:

- **Minimum 2+ years dedicated to the field of security audits and risk management in the cybersecurity industry.**:

- **High level of English. Although the position is in Spain, we also work with international teams and clients.**:

- **Specific knowledge of governance, risk management (IT and Security), auditing (Lines of Defense), IT processes and Security (e.g. Security Policies and Standards, Vulnerabilities, Hardening, DevOps) is required.**:

- **Ability to interact with and influence senior business leaders to drive change and continuous improvement.**:

- **Progressive experience managing multiple projects simultaneously with excellent organizational, analytical, and critical thinking skills**:

- **Certifications:
**It will be valued to have between 1-3 certifications of the following: ISO/IEC 27001 Lead Auditor or similar, ITIL, CISM, CISSP, CISA, CRISC, GIAC Certifications (any), CEH/OSCP, CompTIA...