Cybersecurity Governance Consultant - Valencia, España - United ITs

United ITs
United ITs
Empresa verificada
Valencia, España

hace 2 semanas

Isabel García

Publicado por:

Isabel García

beBee Recruiter
Descripción
Valencia (Spain) | Fulltime


Resumes that are not in English will not be considered:

ICC is committed to achieving diversity and inclusion within its workforce, providing an environment that reflects the values enshrined in the Charter of the United Nations and encourages all qualified applicants, irrespective of gender, nationality, disabilities, sexual orientation, culture, religious and ethnic backgrounds to apply. ICC is dedicated to the SDGs, making SDG-5 (Gender Equality) and SDG-10 (Reduce Inequalities) the organization goals.

Location:
Valencia (Spain)

Purpose of the Requirement
ICC within its Project Office Section, seeks an APW to provide Security
Governance services to facilitate the execution of projects that are either
internal to ICC or externally done to provide service to a partner.
Summary of Assigned

  • Duties
  • Under the direct supervision of Lead, Cyber security Governance:
  • Develop, implement and monitor strategic, comprehensive enterprise
information security and IT risk management programmes to ensure that
- the integrity, confidentiality and availability of information is managed
- and controlled by client organizations.
  • Provide regular reporting on the current status of the information
security program to senior management and business units as part of a
- strategic enterprise risk management program.
  • Implement governance programmes including an information security
steering committee or advisory board.- Create, communicate and implement process for risk management,

including the assessment and treatment of identified risks. Work directly
- with business units and stakeholders throughout the organization on
- identifying acceptable levels of residual risk. Report and oversee
- treatment efforts.
  • Create and manage information security and risk management
awareness training programmes for all employees, contractors and
- approved system users.
  • Develop, maintain and publish uptodate information security policies,
standards and guidelines. Oversee the approval, training, and
- dissemination of security policies and practices.
  • Develop and enhance an information security management framework
based on the ISO 27000 standards. Create a framework for roles and
- responsibilities with regard to information ownership, classification,
- accountability and protection.
  • Coordinate information security and risk management projects. Provide
strategic risk guidance for IT projects.- Manage security incidents and events to protect corporate IT assets,

including intellectual property, sensitive data and the organization's
- reputation.
  • Monitor the external threat environment for emerging threats and advise
relevant stakeholders on the appropriate courses of action.- Develop and oversee effective disaster recovery policies and standards.

Coordinate the development of implementation plans and procedures to
- ensure that business-critical services are recovered in the event of a
- security event. Provide direction, support and in-house consulting in
- these areas.
  • Liaise among external and internal stakeholders, including audit, legal
and HR management teams as required, to ensure that the organization
- maintains an appropriate security posture.
  • Manage information security specialists and consultants
  • Perform other related duties and fulfil responsibilities as required.
Functional Knowledge and Skills

  • Essential:
  • Minimum of 10 years' experience in information security, risk
management, or IT-Security or security incident response or security
- testing related jobs.
  • Experience in developing information security policies and procedures,
as well as successfully executing programmes.- Knowledge of common information security management frameworks,

such as ISO/IEC 27001, ITIL, COBIT, etc.

  • Ability to understand technical and business aspects of IT risk, and to
communicate those risks to management, business and technical units so
that the organization can make informed decisions regarding appropriate
levels of information security control.

  • Strong analytical and problemsolving skills.
  • Ability to act calmly and competently in highpressure, highstress
situations.

  • Excellent written and verbal communication skills, interpersonal and
collaborative skills.

  • High level of personal integrity, as well as the ability to professionally
handle confidential matters, and show an appropriate level of judgment
and maturity.

  • High degree of initiative, dependability and ability to work with little
supervision.

  • Education
  • Desirable:
  • Experience in achieving and maintaining ISO 27001 certification
  • Three years' experience working in security consulting engagements
  • Project management skills and ability to manage multiple projects under
strict timelines.

  • Desirable:
  • Experience in achieving and maintaining ISO 27001 certification
  • Three years' experience working in security consulting engagements
  • Project management skills and ability to manage multiple
Más ofertas de trabajo de United ITs
Ver todas las ofertas de empleo de United ITs