Connecting companies and IT talents
Cybersecurity Governance Specialist
Location
Portugal + 1 moreAll locations: Portugal | Spain
Posted
3 days ago
Salary
0
Seniority
Mid Level
No structured requirement data.
Job Description
Cybersecurity Governance Specialist
Movilges IT Consulting
Role Description Estamos reclutando un Especialista en Gobernanza de Ciberseguridad (h/m) para reforzar nuestro equipo, con posibilidad de trabajar a distancia. Qualifications - Grado en Ingeniería Informática, Tecnologías de la Información o equivalente (obligatorio) - 3 años (mínimo) de experiencia en la definición de modelos de gobierno de la seguridad - Experiencia en la definición de modelos de gobierno de la seguridad - Experiencia no asesoramiento en el desarrollo de los procesos de gobernanza de ciberseguridad y en las estrategias recomendadas para asegurar el cumplimiento - Experiencia en gestión de cumplimiento normativo y de los marcos legales y regulatorios, tanto nacionales como internacionales, relacionados con la ciberseguridad y la privacidad - Experiencia en la elaboración y revisión de marcos normativos y procedimientos relacionados con la seguridad de la información y la ciber resiliencia en entornos nacionales e internacionales - Disponibilidad para visitas ocasionales al cliente - Fluidez en inglés B2 (obligatorio) Benefits - Flexibilidad en el régimen de trabajo (remoto) - Participación en proyectos con tecnologías innovadoras y de dimensión internacional - Ambiente de trabajo dinámico - Formación continua en el puesto de trabajo - Remuneración acorde con la experiencia demostrada Company Description El Grupo Movilges cuenta con más de 30 años de experiencia en el mercado español y portugués, especializada en Logística, Movilidad y soluciones IT. Ofrecemos servicios de consultoría, desarrollo de aplicaciones y mantenimiento de sistemas. Al igual que el universo tecnológico, en constante evolución, el Grupo Movilges busca evolucionar, aumentando su presencia en Portugal con Movilges IT Consulting, ofreciendo productos y servicios para la gestión completa en el ámbito IT, desde la Consultoría y el Gobierno, el desarrollo de aplicaciones con tecnología low-code, el aseguramiento de la calidad software, hasta la automatización de pruebas y de procesos en Movilser Tech. En Iberia, estamos presentes en diversos sectores, como retail, tecnología, salud, administración pública, energía, servicios, banca y seguros. Al enviarnos tu candidatura, autorizas al Grupo Movilges a procesar tus datos personales, como nombre, correo electrónico, número de contacto e información sobre tus experiencias académicas y profesionales que constan en tu CV. El procesamiento de estos datos se realiza únicamente con fines legítimos de la empresa, es decir, para los procesos de reclutamiento de profesionales cualificados para nuestro equipo. Si tienes alguna pregunta relacionada con tus datos personales, puedes contactarnos a través del correo electrónico portugal@movilges.com.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Manager -Cybersecurity Third Party Risk
Sentara HealthcareFounded in 1888 as a 25-bed Retreat for the Sick, Sentara Healthcare is now the largest integrated health care provider in Virginia and northeastern North Carol
Title: Manager -Cybersecurity Third Party Risk Location: Alabama, Delaware, Florida, Georgia, Idaho, Indiana, Kansas, Louisiana, Maine, Maryland, Minnesota, Nebraska, Nevada, New Hampshire, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, Washington, West Virginia, Wisconsin, and Wyoming. Remote Full-time Job Description: Overview As a Cyber Security Third-Party Risk Manager, you will play a critical role developing, enhancing and executing the third-party risk management program including onboarding, maintenance and ongoing monitoring, and offboarding of third-party suppliers. Your primary responsibilities will include identifying and categorizing third party vendors based on risk, understanding and prioritizing the risks, establishing and enforcing key controls to mitigate the risk, perform continuous monitoring that tracks and reassesses third parties, and ensure third party contractual compliance with Sentara policy and standards. You will also be responsible for negotiating and maintaining the information security exhibit with the vendors through the contracting process. Key Responsibilities - Regularly interact with all levels of management to present and discuss third-party risk management - Conduct comprehensive risk assessments of third-party vendors based on risk - Manage a team of assessors for performing vendor assessments and vendor contracts negotiations - Analyze and prioritize risks based on their potential impact on the organization's operations, data, and reputation. - Develop and streamline the third-party risk management process. - Identify and assess vulnerabilities within vendor systems, networks, and applications. - Collaborate with cross-functional teams, including IT, security, and compliance, to develop and implement risk mitigation strategies. - Prepare detailed third-party risk assessment reports, including findings, recommendations, and mitigation plans, for presentation to management. - Maintain accurate and up-to-date documentation of third-party risk assessment activities, findings, and risk treatment plans. - Assist in audits and assessments to demonstrate compliance with cybersecurity standards. Education: - Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (preferred) (OR) - Experience in lieu of Bachelor's Degree- 7+ years of experience in cybersecurity, with at least 3 years in risk management Certification/Licensure - CISSP (Certified Information Systems Security Professional) (Preferred) - CISM (Certified Information Security Manager)(Preferred) - CRISC (Certified in Risk and Information Systems Control)(Preferred) - CISA (Certified Information Systems Auditor)(Preferred) Experience - 5+ years of experience in cybersecurity, with at least 3 years in risk management with a degree (Required) - 7+ years of experience in cybersecurity, with at least 3 years in risk management without a degree) (Required) - Strong understanding of cybersecurity principles, risk assessment methodologies, and threat landscape analysis. - 3 years' experience managing a third-party risk management program and team - Proficiency in performing third-party risk assessments and negotiating contractual security language - Knowledge of regulatory compliance requirements and industry standards. - Excellent analytical and problem-solving skills. - Effective communication and interpersonal abilities to collaborate with multidisciplinary teams. - Experience in healthcare or other highly regulated industries preferred - Deep understanding of cybersecurity frameworks (NIST CSF, NIST 800-53, ISO 27001, HITRUST) - Knowledge of healthcare regulations (HIPAA, HITECH) and their technical requirements - Familiarity with risk assessment methodologies and tools - Understanding of security technologies, controls, and best practices - Experience with GRC (Governance, Risk, and Compliance) platforms such as ServiceNOW, OneTrus Keyword, Cybersecurity Risk, TPRM Talroo - IT We provide market-competitive compensation packages, inclusive of base pay, incentives, and benefits. The base pay rate for full-time employment is $116,729.60 - $216,777.60. Additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities. Benefits: Caring For Your Family and Your Career - Medical, Dental, Vision plans - Adoption, Fertility and Surrogacy Reimbursement up to $10,000 - Paid Time Off and Sick Leave - Paid Parental & Family Caregiver Leave - Emergency Backup Care - Long-Term, Short-Term Disability, and Critical Illness plans - Life Insurance - 401k/403 (b) with Employer Match - Tuition Assistance - $5,250/year and discounted educational opportunities through Guild Education - Student Debt Pay Down - $10,000 - Reimbursement for certifications and free access to complete CEUs and professional development - Pet Insurance - Legal Resources Plan - Colleagues have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria are met. Sentara Health is an equal opportunity employer and prides itself on the diversity and inclusiveness of its close to an almost 30,000-member workforce. Diversity, inclusion, and belonging is a guiding principle of the organization to ensure its workforce reflects the communities it serves. In support of our mission "to improve health every day," this is a tobacco-free environment. For positions that are available as remote work, Sentara Health employs associates in the following states: Alabama, Delaware, Florida, Georgia, Idaho, Indiana, Kansas, Louisiana, Maine, Maryland, Minnesota, Nebraska, Nevada, New Hampshire, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, Washington, West Virginia, Wisconsin, and Wyoming.
Role Description Estamos reclutando un/a Especialista en Gobernanza de Seguridad Cloud para reforzar nuestro equipo, con posibilidad de trabajar en régimen de trabajo remoto. Qualifications - Grado en Ingeniería Informática, Tecnologías de la Información o equivalente (obligatorio) - 3 años (mínimo) de experiencia en ejecución de labores de arquitectura de seguridad en cloud - Experiencia en despliegue de herramientas de seguridad para protección de cargas en nube - Experiencia en la definición de reglas de bastionado y definición de configuraciones de seguridad para servicios en cloud - Experiencia en supervisión de cumplimiento de medidas de seguridad en cloud - Disponer de alguno de estos certificados: ISO 27001 lead auditor, ISO 27701 lead auditor, CISA (Certified Information Systems Auditor) y CISM (Certified Information Security Manager) - Fluidez en inglés B2 (obligatorio) Benefits - Flexibilidad en el régimen de trabajo (remoto) - Participación en proyectos con tecnologías innovadoras y de dimensión internacional - Ambiente de trabajo dinámico - Formación continua en el puesto de trabajo - Remuneración acorde con la experiencia demostrada Company Description El Grupo Movilges cuenta con más de 30 años de experiencia en el mercado español y portugués, especializada en Logística, Movilidad y soluciones IT. Ofrecemos servicios de consultoría, desarrollo de aplicaciones y mantenimiento de sistemas. - En Iberia, estamos presentes en diversos sectores, como retail, tecnología, salud, administración pública, energía, servicios, banca y seguros.
Role Description Estamos reclutando un/a Especialista en Seguridad Física para reforzar nuestro equipo, con posibilidad de trabajar en régimen remoto. Lo que buscamos: - Perfil senior con experiencia en funciones de gestión y en la elaboración de informes con Power BI. - Experiencia en análisis de riesgos, identificando medidas de seguridad aplicables. - Conocimiento en la definición de controles de seguridad física por tipología de edificio, basados en los riesgos detectados. - Experiencia en la ejecución de planes de análisis de vulnerabilidades físicas, estableciendo muestreos periódicos por tipo de instalación. - Capacidad para realizar análisis de madurez y protección, evaluando procesos, sistemas, procedimientos y nivel de concienciación del personal. - Experiencia en revisión de sistemas de control de accesos, procedimientos de visitantes, contratistas y proveedores, así como delimitación de zonas críticas y áreas de seguridad. - Conocimiento en sistemas de CCTV y videovigilancia, asegurando su funcionamiento y cobertura continua. - Experiencia en la revisión de sistemas de prevención de incendios (detección, extintores, planes de evacuación). - Conocimiento en la creación y mantenimiento de planes de continuidad de negocio y de gestión de crisis, asegurando canales de comunicación internos y externos en caso de incidentes. - Experiencia en la realización de pruebas de continuidad y recuperación y en la formación de personal en protocolos de emergencia y participación en simulacros. - Conocimiento actualizado en normativas y marcos regulatorios, en especial DORA e ISO 27001 (obligatorio). Benefits - Flexibilidad en el régimen de trabajo (remoto). - Participación en proyectos con tecnologías innovadoras y de dimensión internacional. - Ambiente de trabajo dinámico. - Formación continua en el puesto de trabajo. - Remuneración acorde con la experiencia demostrada. Company Description El Grupo Movilges cuenta con más de 30 años de experiencia en el mercado español y portugués, especializada en Logística, Movilidad y soluciones IT. Ofrecemos servicios de consultoría, desarrollo de aplicaciones y mantenimiento de sistemas. Al igual que el universo tecnológico, en constante evolución, el Grupo Movilges busca evolucionar, aumentando su presencia en Portugal con Movilges IT Consulting, ofreciendo productos y servicios para la gestión completa en el ámbito IT, desde la Consultoría y el Gobierno, el desarrollo de aplicaciones con tecnología low-code, el aseguramiento de la calidad software, hasta la automatización de pruebas y de procesos en Movilser Tech. En Iberia, estamos presentes en diversos sectores, como retail, tecnología, salud, administración pública, energía, servicios, banca y seguros.
Information Security Architect
MeijerEstablished as a small-town grocery store in the depths of the Great Depression, Meijer has expanded and grown exponentially while remaining a family-owned groc
Role Description The Enterprise Architect collaborates with business and technology teams to ensure that technology solutions are aligned with the targeted business strategies and expected outcomes. The Enterprise Architect also plays a role in defining the future state IT strategy and ensuring alignment with enterprise standards and practices. Their role involves working with and guiding the organization’s architects to build and promote enterprise standards, roadmaps, and strategies that align with the organization’s goals and objectives. What You Will be Doing: - Provides guidance and design standards for the architecture, including Business Architecture, IT Strategy Facilitation, Strategic Portfolio Development, and Technical Architecture Domains. - Offers professional expertise with broad technical, analytical, and communication skills reflecting knowledge about industry best practices and emerging trends for Meijer. - Aligns Architectural Runway to SAFe Agile Development and provides leadership and oversight to ensure interoperability, scalability, and portability of applications. - Strives for optimum proficiency in all aspects of enterprise solutions and services, including business process, end user experience, applications, databases, integrations, and infrastructure. - Collaborates with architects to achieve strategic and operational objectives relating to the Enterprise roadmap. - Ensures alignment to security architecture standards and secure coding practices. - Leads the development and oversight of architecture documentation, including roadmaps, foundation principles, schematics, guidelines, enterprise standards, and compliance. - Develops and facilitates the implementation of architectural policies, standards, procedures, and templates. - Defines and integrates a culture of ownership for architecture standards and design patterns. - Analyzes the effectiveness of architectural decisions to ensure best practices meet strategic goals. - Provides input to annual budget reviews for technology investments to ensure alignment with strategic goals. - Reviews and evaluates vendor proposals for adherence to architectural guidelines and investment strategy. Qualifications - Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering, Systems Analysis, or related discipline. - 8 years’ experience in at least two IT disciplines in a multi-tier environment, including technical architecture, network management, application development, package delivery, middleware, database management, or operations planning. - Ability to disambiguate complex ideas and communicate in a simple and compelling way to a wide variety of audiences. - Knowledge of business, technology, industry, and market ecosystems. - Innovative thinking and behavior to drive organizational strategies. - Exposure to multiple, diverse technical configurations, technologies, and processing environments. - Ability to analyze trends and disruptions and assess their impact on targeted business outcomes. - Drive the evolution of the EA team's services and operating model. - Breadth of knowledge in technologies, platforms, and domains. - Strong interpersonal skills, including teamwork, facilitation, and negotiation. - Strong analytical and technical skills. - Excellent written and oral communication skills. - Excellent planning and organizational skills. - Knowledge of the components of a technical architecture. - Knowledge of business re-engineering principles and processes. - Basic knowledge of financial models and budgeting. - Understanding of the political climate of the enterprise and navigation of politics. - Ability to understand long-term and short-term perspectives of situations. - Ability to translate business needs into technical architecture requirements. - Ability to estimate the financial impact of technical architecture alternatives. - Ability to apply multiple technical solutions to business problems. - Quickly comprehends the functions and capabilities of new technology. Benefits - Meijer Rewards - Weekly pay - Scheduling flexibility - Paid parental leave - Paid education assistance - Team member discount - Development programs for advancement and career growth


