Description
Service characteristics- Title: IT security specialist - Operations
- Location: Sant Cugat
- Period: 5 months
- Desired start date: ASAP
- Travel : 0-10 %
Service description
- Develop, revise, refine and implement policies, processes, and technical controls to support the data security and privacy strategy
- Perform vulnerability assessment (e.g. nessus), understand outcome, determine associated risks, determine technical solutions to fix findings.
- Coordinate pentest with vendor, drive remediation plan, propose technical solution to address issues
- Ensure adherence to privacy / security standards defined, identify top few incidents and work with respective teams/individual to minimize the incidents.
- Identifying, categorizing, prioritizing, investigating and escalating cyber security events.
- Coordinate Monitoring, intrusion detection and protection systems.
- Identify and manage process improvement in intrusion detection and protection.
- Execute network traffic analysis.
- Ensures that management and third party data processors are informed/compliant with policies/laws.
- Liaises with Legal counsel and advises the Group's IT department in relation to IT and data security issues.
- Assists with activities to fulfil security and privacy objectives in accordance with business strategy.
- Maintain working knowledge and understanding of privacy laws and guidelines.
- Translates legal requirements into workable security solutions.
- Conduct privacy impact assessments and risk analysis.
Requisites
- Experience in information security, including knowledge of information security industry standards.
- Certification (not required, appreciated) e.g. SANS, CEH, etc.
- Technical oriented individual, with proven hands on experience in system security, at OS, network, application layers
- Provide technical assessment and determine appropriate tech controls to address risks identified in project's security and privacy review
- Familiar with encryption techniques, access management…
- Experience in regulatory frameworks in the healthcare/medical device sector
Languages: