Global Sponsors

Últimas ofertas de empleo

Data Protection Specialist, ING
This is Us A team of more than one thousand people sharing an idea: doing our bit in helping our clients create a better future for themselves, providing them with the tools they need to get where they want to go.   In today’s world, we know this happens because we are a fully online bank. We were born out of that idea and 20 years on, technology, simplicity and transparency continue to be the ingredients of the recipe that leaves the best taste in our mouths: being more than just a bank, someone useful in the lives of the millions of clients who have chosen us.   The way we do things also mirrors our eagerness to innovate. We are proud to be one of the very first banks to work with agile methodologies. It doesn’t ring a bell yet? No worries, we will be delighted to tell you all about it. You will find it’s one of those things you’ll want to repeat over and over.   And although we are based in Spain, we like to cross borders. We are lucky to work with international teams every day across 44 countries, composed of women and men as equal as they are diverse. Because here you are completely free to be who you want to be, love whomever you choose, and even go for pineapple as your pizza topping.   Making things happen, helping others be successful, always being one step ahead—that’s our DNA. If you look at yourself in the mirror and your reflection matches our way of being and working…we are looking forward to meeting you!     What are we looking for? In the Data Office department of ING, we provide Data Management capabilities to the Bank, ensuring we have a clear and agreed Data architecture, promoting the use of a common language and culture around the data, focusing on Data Quality for a proper use and interpretation of data and taking care of the Data privacy and how customer data is used. Our purpose is to become a data driven organization.   We are looking for a person who joins the department as a Data Protection Specialist, performing the following tasks: Coordinate the implementation of global privacy program and ensure compliance with regulations (GDPR) in a proactive way, looking for a good customer experience. Perform Data Protection key control tests in design and execution, providing enough quality evidences, identifying gaps and defining remediation actions. Design Data protection policies and procedures ensuring minimum business impact, and making them visible to the organization in an understandable way. Setup a privacy network in cooperation with other departments and provide valuable insight regarding Data Protection topics. Provide support for the Data Protection related incidents and individual rights and create smart KPIs to allow monitorization of activities in order to improve them. Execute the Data Protection Impact assessments and maintain a healthy record of processing activities. Lead a continuous compliance with the deletion and retention program, defining the strategy and ensuring its implementation. Manage dependencies, impediments and priorities of the different local streamlines, to ensure that they support and prioritize the general needs of both local and global programs. Ability to work in a local and global team, promoting orange values, influencing a global environment. Availability to attend meetings in other countries. Encourage communication between the different areas of the bank (business, technology, etc.) to ensure that data is a key asset in the bank. Lead cross teams responsible for developing new information needs defining strategy, planning and ensuring quality and sustainability of the solutions developed.   What do we offer?   Flexible schedule. What goes on at ING matters much to us. But we know that the most important things are outside the office.   Free meals. So that thinking about what to have for lunch doesn’t take up your time or your cravings.     Life and health insurance. For you and all your family (spouse/partner and children).    Free company shuttle. We take you from Madrid city center to our offices at Las Rozas (and back!).   Banking benefits. Special loan or mortgage terms after 6 months working at the bank. And benefit from our pension plan after 2 years with us. More health, more sports. Paddle tennis court and lessons available to you. Runners club with your own trainer. Clinics with professional, world-class athletes. Physiotherapy service on site.
Cybersecurity Risk Analyst, AIRBUS
In the frame of Digital Security’s responsibility, a Risk Analysis (RA) has to be performed for each Information Systems (IS) considered as sensitive, either because it is under a specific regulation (national or International) that requires a RA, or because it is tagged as “Business Critical”. This Risk Analysis activity requires very specific expertise and knowledge: Understand each Information System (IS) by taking into consideration the Architecture Dossier (ARD) and interviewing the “knowing” people (IS Owner, stakeholders) Check that all relevant and mandatory documents (eg ARD, Strategy, Compliance matrix) exist and are exploitable and complete in order to start the RA Ensure that the Risk Analysis is conducted as defined in the Strategy document, and using methods and tool as defined by the Enterprise Policies Identify weaknesses and specific risks of the considered IS Define mitigations plans in order to reduce the identified risks Present and explain to the IS owner the identified risks and related mitigations actions he’s accountable for Once the mitigation plan has been agreed with the IS owner, record the identified risks and related mitigations into the Enterprise’s Risk tracking tool (Active Risk Manager) Follow the applicable Enterprise’s processes and use the specified Templates Respect the Enterprise’s Security rules: encryption (when required), need-to-know principles, and confidentiality. Fluent English level is mandatory.     Contact: ¤ Please apply for this vacancy with your CV attached in English. ¤ By submitting your CV or application you are consenting to Airbus Group using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus Group. ¤ This position is offered under local conditions. ¤ Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
Consultor ciberseguridad, EVERIS
Everis AEDE busca incluir en su plantilla varios perfiles Consultores/as de Seguridad de la información para su incorporación en nuestros proyectos de la línea de Negocio de GRC & BC en Madrid.   Buscamos perfiles que aporten entre 2 y 5 años de experiencia en labores del ámbito de los Riesgos Tecnológicos, Ciberseguridad o Seguridad de la Información.   Entre sus funciones estarán: Proyectos de consultoría GRC (Governance, Risk & Compliance). Adecuación y desarrollo de marcos normativos en el ámbito de las TIC, principalmente SGSI, ISO 27001, ISO 22301, GDPR. Análisis, evaluación y gestión de riesgos tecnológicos, ejecución de análisis de riesgos basado en metodologías reconocidas, así como la elaboración de los planes de acción y gestión de riesgos. Desarrollo e implantación de SGSI. Diagnóstico, consultoría y auditoría de seguridad, protección de los activos, continuidad de negocio y servicios TI conforme estándares internacionales COBIT, ISO 27001, ISO 22301, ITIL y normativa nacional e internacional. Diseño y elaboración de Planes directores de seguridad y Planes estratégicos. Desarrollo de Planes de Continuidad de negocio. Proyectos de gobierno de la continuidad y gestión de crisis. Desarrollo de Ciber ejercicios, etc. Proyectos de compliance, ayudando a nuestros clientes a cumplir con las regulaciones específicas nacionales e internacionales desde un punto de vista legal y tecnológico y de la información (PSD2, ENS).   Requisitos mínimos: FP de Grado Superior en Informática, Licenciado o Ingeniero (Telecomunicaciones, Informática, etc.) Nivel alto de inglés. Experiencia mínima de 2 años en empresas consultoras de ámbito internacional participando en proyectos de seguridad de la información y ciberseguridad vinculados a las líneas de trabajo mencionadas en el punto anterior. Carácter dinámico con vocación de aprendizaje continuo.   Requisitos deseables:   Experiencia en gestión de equipos. Experiencia en proyectos de estudio y realización de informes de análisis de riesgo, planes de contingencia y continuidad, protección de datos, SGSI y ENS. Experiencia en proyectos de selección y despliegue de herramientas de seguridad. Conocimiento de regulaciones que afectan a la protección de los activos de información como GDPR, PCI-DSS, PSD2, etc.) Conocimiento de estándares relevantes de la industria (COBIT, ISO27001, ENS, NIST, etc.) Certificaciones de seguridad (CISA, CISM, ISO27001, etc.)
Consultant Data Protection - Security, ACCENTURE
Accenture is seeking a Data Protection Consultant to be assigned to its office located in Madrid (Spain). Applicants must have Computer Science, Telecommunications or Electrical Engineering Degree or a related field and full professional proficiency in English and Spanish. Experience and/or knowledge in other fields of Information Security (Security Strategy, Application Security, Data Privacy, Micro-services, Infrastructure Security) is valuable. Selected candidates will take part in Security projects in global & leading companies operating different markets. #GoSecurity Qualifications Experience in delivering Security Projects > 2 years Security Architecture design Implementation of DLP Security Solutions, at least 1 DLP solution (Symantec, McAffee) DLP (Symantec, McAfee) Security Audits & testing Used to work in a changing environment and to multitask Experience in security requirements gathering, security solutions evaluation and project management oriented Understanding of Cybersecurity, including detection, prevention and response tools and processes Experience with data protection NICE TO HAVE Implementation of DLP Security Solutions, at least 1 technology per security solution: NAC (Forescout, Cisco) SIEM (Splunk, Arcsight) Experience evaluating and analyzing different security solutions (infrastructure & application) Qualifications Technical / Senior Engineer in Computer Science or Telecommunications with at least 3 years of experience in security architecture
Cybersecurity professionals, ENISA
  The European Union Agency for Cybersecurity (ENISA) is looking to draw up reserve lists of in total 75 candidates, from which at least 12 experts will be recruited immediately to start work in 2020 and potentially 6 experts with a starting date of 01.01.2021 to support the Agency’s activities in one or more of the following areas, pursuant to Chapter II of Regulation (EU) 2019/881 - Cybersecurity Act (CSA): Place of employment: Athens, Greece. Please send us your application by no later than 24 April 2020 at 15:00 CET.     What candidates is ENISA looking for? ENISA is looking for candidates that fit into one or more of the following profiles: Profile A: knowledge and experience in cybersecurity on a technical, operational or strategic level, acquired through relevant academic studies, research and/or professional experience as a manager, expert, analyst, officer or IT specialist in private or public sector. Profile B: sectorial ICT technical or ICT policy knowledge and experience, and proven professional understanding of cybersecurity issues in one or more sectors or policy fields (e.g. transport, energy, telecommunications, financial services, utilities, health, digital services, emerging technologies etc.) or in the digital economy and society, acquired through relevant academic studies, research and/or professional experience as ICT manager, ICT expert or ICT policy officer in the private or public sector. Profile C: strong background in economics, law, journalism, communication, social sciences, EU public sector, etc. with a relevant link to cybersecurity resulting in a proven insight and proven understanding and interest into cybersecurity, acquired through relevant academic studies, research and/or professional experience in EU or national private or public sector. The call for expression of interest covers function group administrators (AD) across three grades in line with the EU institutions grading system ranging from AD6 to AD8. As part of the process, the reserve list that will be formed for each grade will also be used to identify candidates for future positions. The reserve lists established will be valid until 31/12/2022.   Closing Date: 2020-04-24 15:00 CET
Cyber Risk Assurance & Oversight, BANCO SANTANDER
RISK DIVISION (NON-FINANCIAL RISK TEAM) is looking for a CONTROL MODEL, based in our HEADQUARTERS office (Boadilla del Monte).   WHY YOU SHOULD CONSIDER THIS OPPORTUNITY Would you like to be part of one of the largest transformations the World is experiencing in the past several decades? In Financial Services, consumer expectations are rising, and technological advances are enabling amazing customer experiences and new businesses not possible before. The emergence of disruptive platforms as a business model has reshaped other industries and is poised to do the same in financial services.   At Santander (www.santander.com) we embrace this change. Credit Risk, Interest Rate Risk, liquidity risk, operational risk, reputational risk… There are many types of risks, that's why it analysis and quantification is key for our purpose of being a Simple, Personal and Fair bank. Working on risks means doing it from a management perspective that contributes to the sustainable progress of people and companies. Santander is proud of being an organization where there are equal opportunities regardless of gender identity, culture and disability. Our mission is to contribute to help more people and business prosper. You can click here Why Santander to watch a short clip and learn why banking is still exciting.   WHAT YOU WILL BE DOING   As a Control Model, you will be responsible of provide independent control and oversight of effective risk management practices implementation.   We need someone like you to help us in different fronts: In close collaboration with cyber security experts, design mitigation measures ensuring a risk based approach   Monitor, track and report the status of agreed remediation actions with stakeholders   Assess and report on the adequateness of the implementation of the Santander Cyber Security Strategy and Vision.   Develop and maintain a service-based metrics process designing to measure the effectiveness of security program and risk monitoring   Provide 2LoD point of view and oversight in the 1LoD cybersecurity forums (access control, threat & vulnerability management, alignment forum, etc.) to ensure that the highest threats are detected and the appropriated mitigation actions plans are in place and these plans progress properly.   Engage with global control owners to assess key controls maturity   Aptitudes y experiencia deseadas WHAT WE ARE LOOKING FOR   EXPERIENCE Required Min 10 years of experience of Cyber Security in finance industry   EDUCATION Required   Computer Science or similar   SKILLS & KNOWLEDGE Required   Knowledge of frameworks and standards related to security and risk management. (FFIEC, FAIR, ISO27001; ISO31000, NIST)   High level of Spanish and English (minimum C1) Desired Security certifications confirming knowledge and training. (For examples: CISSP, CISA, CEH, CISM, CRISC)   WHAT WE OFFER YOU   Welcome to #TheSantanderEffect. Here, with only a small action or a simple idea, you can do great things. We offer you the advantages and the means to contribute to the progress of more than 140 million people around the world. These are the key factors that multiply the actions of all our employees:   Meaningful Impact - Where the effect of your work makes a difference and helps people to prosper   Personal and Professional Growth - The chance to develop through world-class training, challenging work, and different roles   Respect - Be part of an organization that cares – about its people, its wider community, and the environment   Co-worker quality - Work with inspiring professionals who are leaders in their field   Global stability - Work for a solid global organization that has successfully reinvented itself many times in its 160- year history.
Chief Information Security Officer (CISO), SIEMENS
Securing the Future Enterprise Today Whether in the field of Industry, Smart Infrastructure or Energy: Digitalization is simplifying many facets of life. Therefore, we need to handle the associated risks caused through Cyber-criminals. Join us! Together we can make our digital world more secure. As a Chief Information Security Officer, you will have an outstanding and exciting opportunity to join a diverse and driven team, committed to delivering value to our businesses and our customers. You will be in charge of cybersecurity in Corporate Core and Services,leading the implementation of cybersecurity processes, technologies and services. We make real what matters. This is your role Responsible for guiding and handling of the Incident Management Process as well as Incidents, in accordance with the assigned role. This role spans from guiding the process in direct and virtual/distributed teams as well as participating as a key member or a lead, depending on the type of incident. Vulnerability Management. Assess and mitigate cybersecurity risks Coordination of cybersecurity improvement programs for top IT service providers and outsourcing companies Coordination and execution of cybersecurity guidelines and rules, incl. refinement and tracking of cybersecurity controls. Serve as point of contact for incidents in the horizontal IT infrastructure concerning cybersecurity Develop a cybersecurity community across area of responsibility, internal and external Use your skills to move the world forward More than 5 years of experience in Cybersecurity in IT/OT as a CISO o similar role. Extensive and dedicated incident handling experience. Experience with complex global organizations and working in virtual teams across countries. Background in Computer Science or Business Information Technology, ideally with a focus on cybersecurity and incident handling Knowledge of ISO270001, IEC 62443. Advanced knowledge about specific cybersecurity technologies and their application in the context of IT/OT infrastructure and products, services and solutions in context of a multinational industrial company. Good understanding of data security, application security, identity & access management Masters communication in all situations, with diverse personalities and communication styles. Gives clear direction including intentions and objectives; Facilitates different teams independent of size and scope. Drives teams to constructive solutions and action items. Builds an environment that fosters sharing of information and knowledge. Encourages and motivates others to contribute to common goals and to step out of comfort zones We’ve got quite a lot to offer. How about you? If you want to know more about Cybersecurity at Siemens, check us out! www.siemens.com/cybersecurity As an equal-opportunity employer we are happy to consider applications from individuals with disabilities. Organization: Corporate Technology Company: Siemens Holding S.L. Experience Level: Experienced Professional Job Type: Full-time
Consultor /a de Ciberseguridad, ECB Engineering Firm
En ECB Engineering Firm nos dedicamos a la búsqueda, identificación y selección de profesionales altamente cualificados, especializada en perfiles técnicos en medios y altos cargos para la industria de la Ingeniería y la Tecnología. Somos una multinacional con presencia en diferentes países del mundo con capacidad para la gestión de proyectos en los 5 continentes.   Estamos buscando un perfil de Consultor de Ciberseguridad con ganas de crecer con nosotros, encargándose de la prestación de servicios de asesoría de Ciberseguridad para nuestros clientes, tanto a nivel nacional como internacional. La persona seleccionada será responsable del diseño de los servicios, identificación de las necesidades de los clientes y creación de planes de acción concretos para alcanzar los objetivos establecidos.   Buscamos una persona proactiva con motivación de crecimiento y orientación a la gestión de equipos, teniendo la oportunidad de construir desde cero un área especializada.   ¿Qué necesitamos? Conocimiento en normativa de Seguridad de la Información (ISO 27001). Experiencia en Auditoría de Seguridad. Conocimientos en herramientas de Hacking Ético. Experiencia de al menos un año en rol similar. Valorable disponer de conocimientos/experiencia en Transformación Digital (conceptos como Indicador de Madurez Digital - IMD). Valorable disponer de conocimientos en eMarisma. Nivel de inglés avanzado.   ¿Qué ofrecemos? Integración en una estructura joven, dinámica y horizontal de trabajo. Posibilidad de colaborar en proyectos de impacto nacional e internacional. Trabajo por objetivos, con horario de entrada y salida flexible.
Analista de Seguridad y Cumplimiento Normativo,
n Viewnext, creemos que para poder formar parte de un gran proyecto hace falta contar con los mejores profesionales, las mejores herramientas, y la experiencia en el entorno tecnológico más innovador del grupo IBM a nivel mundial. Si tienes experiencia en soluciones de Seguridad Informática, esta puede ser tu oportunidad.   Estamos buscando Perfiles de Consultores y Técnicos en Seguridad informática con conocimientos en Cumplimiento Normativo y background técnico de seguridad. Buscamos experiencia en alguna de las siguientes tecnologías y áreas: *Seguridad perimetral *Seguridad CLOUD *Seguridad SAP *Seguridad Big Data (HORTONWORKS) *Sólidos conocimientos técnicos de seguridad *Experiencia en toma de requisitos, asistencia a reuniones, planteamiento de soluciones. *Recomendable, que tenga alguna certificación tipo CISSP, CHFI, CEH.   ¿Qué experiencia profesional y técnica requerimos?   Perfil senior con capacidades para asistir a reuniones y ser capaz de tomar decisiones. Perfil con conocimientos técnicos avanzados en seguridad, ya que entre las principales funciones que realizará será la validación de arquitecturas, protocolos de comunicación seguros, cifrados, administración de sistemas on premises/cloud, configuración de auditoría técnica, gestión de vulnerabilidades.    ¿Qué ofrecemos?   Formación y certificaciones técnicas. En Viewnext valoramos la formación, por eso, somos una de las empresas que más horas de formación invierte en sus empleados. Flexibilidad horaria. Desarrollo profesional y plan de carrera. Beneficios sociales (tarjeta de comida). Plan de retribución flexible acorde a tus necesidades (seguro médico privado, cheques guardería, formación, tarjeta transporte…).   Si estás interesad@ no dudes en inscribirte en nuestra oferta para poder contarte más detalles de este proyecto.

Estudios y publicaciones ISMS

ISMS Forum, a través de sus iniciativas, elabora estudios que abarcan distintos aspectos relacionados con la Seguridad de la Información, con la implicación y colaboración de los profesionales de la Asociación.

ISMS FORUM MAGAZINE

La revista semestral de la Asociación Española para el fomento de la Seguridad de la Información

Colaboradores

Entidades asociadas