Information Security Management Consultant Noesis provides additional capacity to carry out the Security component of the group's Risk Assessments. The goal is to help the client to reduce its backlog of Risk Assessments.
Main Tasks and Responsibilities:
Assess current security processes and policies;
Provide expert advice on best practices in cybersecurity;
Develop and refine cybersecurity strategies tailored to client needs;
Work with the team on assessments and audit projects as well as policies & procedures definition initiatives and framework/best practices implementations (e.g. information security management and/or business continuity, etc.);
Support in the development, documentation and implementation of reference security architectures, action plans and other controls and activities aligned with policies, standards and best information security practices;
Establish recommendations related to the architecture of applications and Cybersecurity infrastructure, following the concept of "Security by Design";
Ensure that procedures, control plans, methods and tools are in place;
Measure and analyze the efficiency of the controls;
Collect and analyze the results and actions plans with a critical vision;
Identify risks from control non-compliances and propose mitigation actions plans;
Profile :
Master or Bachelor degree in Computer Science, Information Technology, Engineering or equivalent field of studies;
At least 3/4 years professional experience in technology and security functions;
Experience in cybersecurity and risk assessments, preferably in roles such as security analyst, security engineer, or security consultant;
Profound knowledge of the overall IT enterprise landscape, OT landscape, IT architecture, security architecture, security building blocks, network security and concepts such as security testing, cloud security and hybrid cloud setup;
Technical expertise, conceptional thinking, strong analytical skills, and a deep understanding of cyber security principles to assess and improve architecture security effectively;
Strong communication and presentation skills;
Experience with security frameworks and methodologies, such as CIS Security, NIST, OWASP and Mitre Attack;
Knowledge and experience in one or more of the following: ISO27001, NIS2, Dora, NIST800-53, ITGC, GDPR, Business processes transformation, Change management, Business Continuity,…
Experience with process design tools and MS Office.
Fluency in English and Portuguese;
Valued: Professional security certification such as ISO27001, CISSP, CISM, CISA, CRISC or similar;
If you meet these requirements and are interested in joining an audacious and innovative company, please send us your application.
#J-18808-Ljbffr