Cyber Security Officer – CSO
Location
Peru
Posted
2 days ago
Salary
0
Seniority
Senior
Job Description
Cyber Security Officer – CSO
Talan
• Coordinate cybersecurity and technology risk‑management activities. • Oversee implementation of the cybersecurity strategy. • Strengthen the team in the automation of security controls and manual security tasks. • Ensure compliance with applicable regulatory and legal requirements, as well as corporate best practices.
Job Requirements
- Experience in security assessments, risk analysis, or review of technology controls.
- Intermediate/advanced knowledge of AI development tools ( highly valued: Devin , GitHub Copilot ).
- Practical knowledge of agents, automated workflows, and AI applied to business processes.
- Experience working with APIs, databases, and integration/orchestration tools.
- Experience in process automation and operational improvement.
- Hands-on experience with Devin and GitHub Copilot.
Benefits
- Smart Office Pack so that you can work comfortably from home.
- Training and career development.
- Benefits and perks such as private medical insurance
- life insurance
- Language lessons
- etc
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Coordinate cybersecurity and technology risk-management activities for the assigned product/area. • Oversee the implementation of the cybersecurity strategy. • Enable the adoption of global defenses and drive the implementation of minimum requirements, policies, controls, and reporting. • Responsible for procedures and controls to ensure compliance with applicable regulatory and legal requirements, as well as corporate best practices. • Assess and evaluate cybersecurity and technology risks (projects, third parties, systems, and information). • Automate area‑specific manual controls using AI‑based solutions.
Junior Information System Security Officer
Titan TechnologiesA family of companies including Titan Technologies, LLC, TelaForce, LLC and Titan Facilities, Inc.
• Assist with day-to-day cybersecurity operations for assigned information systems. • Support implementation of the NIST Risk Management Framework (RMF). • Develop and maintain System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action and Milestones (POA&Ms), and supporting authorization documentation. • Monitor security controls to ensure continued compliance with NIST SP 800-53. • Participate in continuous monitoring activities and vulnerability management. • Review security scan results from tools such as ACAS, Nessus, or Tenable and assist with remediation tracking. • Support annual security control assessments and Authority to Operate (ATO) activities. • Coordinate with system administrators, network engineers, and application owners to implement security controls. • Assist in security incident reporting, documentation, and corrective actions. • Maintain audit evidence supporting FISMA compliance. • Ensure user access reviews are completed and privileged accounts are monitored. • Participate in configuration management reviews and evaluate security impacts of system changes. • Assist with security awareness activities and policy compliance.
AWS Cloud Security Architect
General DynamicsA business unit of General Dynamics, General Dynamics Information Technology (GDIT) supports some of the United States' most complex government, defense, and in
Role Description The AWS Cloud Security Architect will work as part of an agile development team to build and support the modernization of enterprise-class software applications. The successful candidate shall be capable of providing technical cloud security subject matter expertise to meet current and future security design and architecture requirements for IaaS, PaaS, and SaaS implementations. The candidate shall have experience with designing and implementing security measures to protect data as it moves from on-premises data center servers to cloud storage systems. The candidate shall have experience with network security and security compliance. This role provides expert advisory services to ensure secure design and deployment of cloud-based systems, incorporating secure-by-design principles such as access control, encryption, and identity management. The Architect conducts thorough threat and vulnerability assessments, monitors risks, and ensures compliance with federal cybersecurity standards and Judiciary frameworks. Key Responsibilities - Designing secure cloud architectures - Performing risk assessments using enterprise tools - Coordinating with ITSO and CISA to validate system security through independent evaluations - Creating essential security documentation, including System Security Plans, Business Continuity Analyses, and Disaster Recovery Plans - Delivering a quarterly Cloud Security Roadmap - Providing operational support to cover cloud firewalls, ACLs, SSL, API endpoints, authentication procedures, private image management, and secure network segmentation - Supporting incident response planning - Supporting automation for legacy systems - Ensuring proper documentation of cybersecurity control artifacts - Ensuring continuous monitoring and secure data handling - Engaging in proactive risk mitigation - Strengthening the security posture across production and non-production cloud environments within the CMSO ecosystem Qualifications - 10+ years of related experience - Technical Training, Certification(s) or Degree - Additional education and/or experience are strongly preferred in the following combinations: - HS Diploma & 18+ Years Experience - AA/AS & 16+ Years Experience - BA/BS & 14+ years Experience - MA/MS & 12+ Years Experience - Doctorate Degree/Ph.D. & 11+ Years Experience Requirements - Deep expertise in Amazon EKS security architecture: pod identity, multi-tier namespace isolation, and node group separation across security classification tiers - Expert Kubernetes RBAC design and auditing: least-privilege ClusterRoles, service account hardening - Strong expertise in Kubernetes NetworkPolicy - Expert Pod Security Admission controls: restricted/baseline profile enforcement, Gatekeeper policy-as-code - Full lifecycle container image security: ECR private registry, image tag immutability, Inspector Enhanced Scanning, cosign image signing, SBOM generation - Expert GitLab CI/CD pipeline security: OIDC-based AWS authentication, build node egress restriction, pipeline-integrated scanning (Wiz, Trivy, Checkov, TestifySec), and immutable artifact promotion - Experience implementing container performance monitoring using New Relic or equivalent (Prometheus, OpenTelemetry, Fluent Bit) - Demonstrated experience designing FedRAMP High multi-tier web applications on EKS with tiered security classification boundaries - Expert AWS VPC architecture: multi-tier subnet design, Transit Gateway, EKS hardening - Deep experience with security groups, Network ACLs, and AWS Network Firewall: domain allowlist policies, and build node egress controls - Expert VPC endpoint design: gateway and interface endpoints - Expert AWS WAF - Deep expertise in API Gateway security: designing private endpoints, JWT authorizers, resource policies, and mTLS - Experience implementing AWS Direct Connect and Site-to-Site VPN with BGP route security and hybrid connectivity hardening - Expert design of VPC Flow Log analysis pipelines using CloudWatch Logs Insights, Athena, and Splunk (SPL queries, correlation searches, network security dashboards) - Expert design of CloudWatch multi-account architectures: cross-account observability, centralized log aggregation, composite alarms, and metric filter-based real-time detection - Experience integrating CloudTrail, GuardDuty, Security Hub, and Config across AWS Organizations with EventBridge-driven automated response - Expert Splunk integration: CloudTrail, GuardDuty, VPC Flow Logs, and EKS audit log ingestion with high-fidelity correlation searches - Expert design of multi-layer VM programs for containerized AWS workloads: Amazon Inspector (EC2, ECR Enhanced Scanning, Lambda, EKS workload association), pipeline-integrated image scanning, IaC scanning, and Kubernetes configuration assessment - Deep experience with pipeline-integrated scanning tools: Tools such as Trivy and Grype for CVE detection, Syft for SBOM generation (CycloneDX), kube-bench for CIS Kubernetes Benchmark assessment - Proficiency with AWS native VM tooling: Inspector, Security Hub finding aggregation, Systems Manager Patch Manager for EC2/EKS node OS patching, and Config conformance packs (NIST 800-53, FedRAMP High) for configuration vulnerability tracking - Experience with enterprise VM platforms in federal environments: commercial CNAPPs for agentless cloud-native assessment and attack path analysis - Expert runtime threat detection: GuardDuty EKS Runtime Monitoring, and correlation of runtime behavioral signals with static CVE findings for prioritized response - Ability to design and measure VM program effectiveness metrics: MTTD and MTTR per severity tier, detection coverage gap analysis via threat-to-detection mapping - Expert IAM least privilege: SCPs, permission boundaries, condition keys, and IAM Access Analyzer - Demonstrated FedRAMP High ATO leadership: SSP authoring, NIST 800-53 rev5 control implementation statements, POA&M management, 3PAO assessment support, and continuous monitoring program design Benefits - Comprehensive benefits and wellness packages - 401K with company match - Competitive pay and paid time off - Full flex work weeks where possible - Paid parental, military, bereavement, and jury duty leave - 15 days of paid leave per calendar year - 10 paid holidays per year - Paid Family Leave program providing up to 160 hours of paid leave in a rolling 12 month period for eligible employees - Short and long-term disability benefits - Life, accidental death and dismemberment, personal accident, critical illness, and business travel and accident insurance
Director, Network Facility Security
DSVDSV is a global leader in transport and logistics, evolving to become the world's 3rd largest supplier of global solutions within transport and logistics. We operate in more than 80 countries, ensuring a steady supply of goods to production lines, outlets, stores, and consumers worldwide.
Role Description The Director, U.S. Network Facility Security is responsible for leading DSV’s physical security strategy and governance across its U.S. distribution and fulfillment network while serving as the enterprise owner for customer contractual security compliance. This role ensures all facilities consistently meet customer, regulatory, and corporate security requirements through standardized policies, audit readiness, risk management, and Security-by-Design principles. Key responsibilities include: - Customer Security Program Leadership - Security Governance & Compliance - Risk Management & Incident Response - Security by Design - Global Partnership & Enterprise Alignment - Leadership & Strategy Qualifications - Bachelor's degree in Security Management, Criminal Justice, Business, Supply Chain, Engineering, or related field; or equivalent combination of education and experience. - Minimum 10 years of leadership experience in physical security, corporate security, logistics, supply chain, or distribution operations. - Demonstrated experience leading multi-site security programs across the United States. - Experience managing customer contractual security requirements within logistics, manufacturing, distribution, or third-party logistics environments. - Experience leading customer audits, compliance programs, and risk management initiatives. - Strong knowledge of physical security technologies, governance frameworks, and compliance programs. - Proven ability to influence senior leaders across Operations, Engineering, Facilities, Commercial, IT, Legal, and Compliance functions. - Strong executive communication, presentation, and stakeholder management skills. - Ability to travel up to 40%. Requirements - Certified Protection Professional (CPP) - Preferred - Physical Security Professional (PSP) - Preferred - Experience within third-party logistics (3PL), supply chain, fulfillment, or e-commerce operations - Preferred - Experience supporting Fortune 500 customer security programs - Preferred - Knowledge of CTPAT, TAPA, ISO 28000, and other supply chain security frameworks - Preferred Benefits - Information regarding DSV’s benefits offerings, including eligibility, coverage options, and plan details, is available through the DSV Benefits Showcase. - Benefits, programs, and eligibility may vary by location and division in accordance with applicable state and local laws.


