Spektrum have a wide range of exciting opportunities in several general locations.
We are always looking to add great new talent to our team and look forward to hearing from you.
**Background**
The role will be embedded within an international organisation's Global Service Center. The base in Valencia serves as a key operational and logistical hub for international missions aimed at maintaining peace and providing humanitarian aid. Located in Spain, this center complements the efforts of its counterpart in Brindisi, working collaboratively to ensure comprehensive support for missions worldwide.
The Valencia base is particularly focused on information and communication technology services. It manages critical IT infrastructure, cybersecurity, and data management systems that are essential for the coordination and execution of global missions. This includes maintaining reliable and secure communication networks, developing and implementing innovative technological solutions, and providing technical support to field operations.
By handling these complex and crucial aspects of mission support, the Valencia base ensures that international operations can rely on robust and efficient technological frameworks. This enables quick and effective responses to crises, enhances coordination among various stakeholders, and supports the overall objectives of global peacekeeping and humanitarian initiatives. The center's dedication to excellence and continuous improvement makes it an integral part of international efforts to address global challenges.
**Role Duties and Responsibilities**
- The Analyst, Blue Team (Defensive Security) develops, implements, drives, and monitors the defensive security practices for Information Security and Risk Management at Client.
- S/he acts as the authority for the development and enforcement of organization policies, standards, and processes, and has ultimate responsibility for ensuring the detection of and response to threats. S/he guides the design and continuous improvement of the defensive security that balances business needs with security risks. S/he advises the CIO, CISO and top executives on defensive security matters and sets directions for complying with regulatory inquiries, legal and compliance regulations, inspections, and audits. S/he is an expert in cyber security compliance standards, protocols, and frameworks, as well as NIST 800-53, NIST CSF, and NIST 800-37 (RMF).
- S/he directs and manages an independent assurance program for cybersecurity to assess, monitor and report on the operating effectiveness of security controls. Proactively and effectively reports on information security priorities, top risks, and action plans.
- S/he is responsible for formulating, implementing, and managing institutional information security strategies and programs designed to protect ICT's information technology (IT) systems and information from illegitimate access and reduce/mitigate information security risks across the organization. S/he leads programs and processes to monitor the emergence of new threats and vulnerabilities, assessing impacts, and driving responses, as appropriate (incident response policies and standards). S/he leads the development and maintenance of a security and risk management functional capability and framework that defines and manages ICT's overall approach to information risk and control that aligns with Client's risk management strategy.
- S/he ensures that clear and timely business advice is provided to management on key information security and assurance issues and that information security and risk is adequately represented on relevant business/governance forums and is known, well-integrated, and addressed across the organization. Maintain and implement business continuity and disaster recovery strategies and solutions to ensure organizational resiliency for client. Facilitate information security governance through the implementation of a hierarchical governance program, including the formation of an information security steering committee or advisory board. Lead and manage the information security team.
- S/he will report to the CISO and the Blue Team Lead and may supervise international, national, and administrative staff.
**Information Security Strategy, Policies, and Standards**
- Provide vision, leadership, and direction on defensive security and IT risk for client. Collaboratively engage with all ICT teams and business to facilitate a standardized approach and structure to defensive security and IT risk.
- Establish an effective defensive security capability that includes customers and resource owners in the security decision making and oversight.
**Incident Response Management**
- incident response process from the monitoring and detection of incidents. Establish processes to detect, respond, and recover in a timely and proactive manner from incidents.
- Implement preventive, detective, and corrective technical security controls and solutions to support informa