1 Opening
Alcorcon
Role description
CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter – and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively.
CyberProof is part of the UST Global family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.
What are we looking for?
We are looking for a Governance, Risk & Compliance Specialist to contribute for a project with one of our global customers pioneer in the security field.
Work location: Madrid
Work mode: 100% remote, with occasional on-site presence (up to 1–2 times per month) at the Madrid office.
Languages:
- English C1
Experience & Qualifications Required
- 4 years’ experience in audits and compliance and assessments based on national and international standards (ISO27001, ISO22301, ENS, NIST, DORA, NIS2)
• Knowledge/certifications in ISO27001 is a must. It is also desirable knowledge in ENS, ISO 27005, ISO22301, ISO 42001, NIST CSF 2.0, NIST, SOC 2, GDPR, DORA, NIS2, CMMC 2.0
- Proficiency with a variety of instruments for assessing and controlling risk (ex. ISO 31000, Magerit v3, COSO)
- Experience in implementation of best practices, compliance with information security policies and standards.
- Technical experience or applicable knowledge in security architectures for different environments.
- Experience related to Cybersecurity ecosystem, deployment experience of security technologies.
- Knowledge of different security solutions/technologies: FW, DLP, IDS/IPS, EDR…
- Experience in incident response plans and exercises
- Computer Engineering/Telecommunications and/or Master in Cybersecurity
It is also desirable and will be considered to hold certifications such as CISM, CISSP, CISA, ISO/IEC 27001 Lead Auditor / Lead Implementer.
We will also consider knowledge of HIPAA, ARC-AMPE or OT Cybersecurity (ISO 27019 / IEC 62443) for the more senior role
Key Roles & Responsibilities:
- Handle the assigned tasks from the allocated domain with minimal guidance from the leads. (Domain Examples: BCMS, ISMS, Risk assessment (AARR & BIAs), GAP Analysis, Incident management, Awareness activities, Data Privacy, etc.)
- Independently handle (with very minimal guidance from the supervisors) internal audits or GAP Analysis to ensure compliance with security standards (ex. ISO 27001/ISO 22301/ISO 27701, NIST CSF 2.0, ..) requirement as well as process specific requirements
- Point out the non-conformance areas and suggest measures to improve the information security individually.
- Coordinate information security awareness training programs for all the employees, contractors and approved system users.
- Coordinate and Review the technical assessments of IT systems and processes to identify potential risks. Submit recommendations to mitigate any risks identified and ensure controls that they are implemented.
- Design, plan and execute the Cybersecurity activities.
- Directly Interact with customer and communicate detailed technical requirement to the team.
- Policy/Procedure creation activities and process improvement ideas to be implemented.
- Research and analytical skills, including the ability to convert complex policy issues into simple briefings and communicate to the audience.
What can we offer?
23 days of Annual Leave plus the 24th and 31st of December as discretionary days!
Numerous benefits (Heath Care Plan, Internet Connectivity, Life and Accident Insurances).
`Retribución Versátil´ Program: (Meals, Kinder Garden, Transport, online English lessons, Heath Care Plan…)
Free access to several training platforms
Professional stability and career plans
UST also, compensates referrals from which you could benefit when you refer professionals.
The option to pick between 12 or 14 payments along the year.
Real Work Life Balance measures (flexibility, WFH or remote work policy, compacted hours during summertime…)
UST Club Platform discounts and gym Access discounts
If you would like to know more, do not hesitate to apply and we’ll get in touch to fill you in details. UST is waiting for you!
In UST we are committed to equal opportunities in our selection processes and do not discriminate based on race, gender, disability, age, religion, sexual orientation or nationality. We have a special commitment to Disability & Inclusion, so we are interested in hiring people with disability certificate.
Skills
Business Intelligence,Iso 27001,GRC,Cyber Security
About UST
UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.