**Mission**:
The resource is responsible for managing projects concerning the implementation of Cyber & Information security tools, standards and procedures, in areas, such as Information Protection, security governance and Incident and vulnerability management activities.
**Main Responsibilities**
- Support the CISO on strategy and operational activities for the protection of information and supporting assets, definition and implementation of Information Security policies and procedures in compliance with recognized security standards (ex.
ISO 27001, NIST, COBIT).
- Support in the management of information security risk and threat/vulnerability mitigations
- Coordination of the ISIRT Team (Information Security Incident Response Team)
- Functional coordination of external and internal resources
- Management of security incidents and monitoring of security Incident response activities
- Coordination of the ISPT committee (Information Security Planning Team)
- Write and assist in the review and approval of security-related documentation
- Contribute to the dissemination of security documentation and practices
- Help in the creation of security awareness and training programs
- Design, Collect, Monitor and report Security KPIs
- Management and, where necessary, proposal of security solutions for information monitoring and protection (eg: Data Loss Prevention, Digital Identity Management, SIEM, MFA, etc.
)
- Collaborate at all business levels to ensure effective governance over security metrics and report efficiency and effectiveness
- Take part in discussions with stakeholders and managers about cybersecurity issues, recommendations and plans, as well as provide support during internal and third-party audits.
- Report on security controls, compliance and incidents
**Work Experience and Skills Required**
- Minimum 5 years of IT/IS security-related work experience
- Demonstrable experience and knowledge of cybersecurity, risk management and security controls
- Experience in developing and / or maintaining an information security management system (ISMS)
- Experience in writing detailed and sound security policies, standards, and procedures
- Knowledgeable about GDPR & Data Protection
- Strong project management skills
- Experience working on global projects across different locations
- English spoken and written proficiency
**Personal Skills**
- Flexibility and availability
- Ability to perform consistently at a high level under pressure
- Problem solving, proactive approach with capacity for analysis and synthesis
- Strong organizational awareness and openness
- Excellent propensity to report to the Management, colleagues and collaborators
- Good predisposition to learning and adaptation to heterogeneous environments and dynamic
**Qualifications**
Degree in Computer Science/Engineering
**Preferred Qualifications**
Formal information security certifications or qualifications (e.g., CISA, CISSP, CISM, GCIH, CEH, CRISC, ISO27001, ISO 22301, ITIL)