Descripción de la oferta
Job Description :Trigyn has a contractual opportunity for a Red Team Lead (Data Security). This resource will be working at our client site in Valencia, Spain.Job Responsibilities :The successful candidate will be responsible for supporting the Global Cybersecurity Strategy, in the area of Information Security and Risk Management including application security, data security, threat, vulnerability, risk, and compliance management.Create, implement, and manage cybersecurity Red Team function and processes;Create, implement, and manage incident response function, processes, procedures, training, and playbooks;Improve maturity level of data security to the defined higher level; and measure and report the progress regularly by developing Key Performance Indicators (KPI) / metrics for performance and risk monitoring;Contribute to the review, consistent implementation and compliance-monitoring of client wide information security policies, operating procedures standards, and guidelines;Coordinate and / or support security audit requests and track follow up on recommendations (including FISMA / NIST 800-53 controls, ISO 27001);Participate actively in the implementation of the Global Cybersecurity Strategy, including the support of awareness-related activities and coordinating global workshops / webinars;Monitors and audits information security controls while measuring results and responding to new risks. Gathers, develops and organizes evidence for security audit;Conduct various threat, vulnerability, risk and compliance assessments;Assist in investigation and audit;Provide advice to requests / tickets related to data security, rotation and access;Provide advisory to support decision-making activities related to information security topics;Perform such other duties as may be assigned.Education- Bachelor’s degree in computer science, information systems, mathematics, statistics or related field from an accredited academic institution with two years of relevant professional experience; or- University degree in the above fields with four years of relevant professional experience.- Professional certification such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Chief Information Security Officer (CCISO), Certified Secure Software Lifecycle Professional (CSSLP), Certified Secure Web Application Engineer (CASE), Certified Secure Web Application Engineer (CSWAE), Governance, Risk, and Compliance Professional (GRCP), Certified Ethical Hacker (CEH), or related will be a distinct advantage in addition to cloud computing certifications at associate / professional / specialty level from Azure and / or AWS.- Information Technology Infrastructure Library (ITIL) and Prince2 Foundation are added advantages.Experience- Extensive experience in building a cybersecurity offensive team (RED TEAM);- Extensive experience in compliance and risk management;- Extensive experience in creating and implementing test cases and test plans;- Extensive experience in all aspects of application / data security (definition, implementation and validation);- Extensive experience in simulating cyber-attacks and data breaches;- Experience defining security strategies aligned with business and strategic objectives.Skills- Strong interpersonal skills;- Solid organization and document, project management;- Strong investigative skills;- Strong ability to continue to learn and grow;- Basic knowledge of reporting tools (e.g., MS Excel, Power BI, Power BI Report Builder);- Ability to translate technical security vulnerabilities into business risk / impact to applications;- Demonstrated skill in creating security policies and procedures based on ISO27001, NIST 800-53 and Computer Information System (CIS) controls;- Strong analytical and problem-solving skills and proactive thinking skills;- Able to articulate complex, technical concepts to non-technical audiences;- Strong English oral and written communication skills.
#J-18808-Ljbffr