IT Information Security Specialist

As part of the global IT team, the IT Information Security Specialist will plan and implement policies, procedures, standards, and controls to govern the protection of corporate information systems, networks, and data. The Information Security Specialist will stay up-to-date on the latest cybersecurity intelligence, including hackers' methodologies, in order to modify standards and controls that govern cybersecurity across the corporation.

She/he works with internal resources and a network of external service providers including security vendors to guarantee the required level of IT security and support incident related.

Supports the Information Security Operations, contribute to the CyberSecurity roadmap and run Self-Assessment and internal/external audit programs.

**Key Outputs: What we can expect from you**:

- Perform cybersecurity and compliance assessments on new and existing systems, processes, technology. Identifies opportunities for control improvement in pre/post-implementation of IT systems, upgrades and other change events.
- Support vendor due-diligence process and help to lead and define overall vendor risk management efforts.
- Work with various business units to ensure controls are adequate, appropriate, and effective.
- Support internal and external audit process for relevant compliance concerns including IT General, Application and Process Controls.
- Performs regular follow-up audits on non-compliant or high-risk breaches; promotes consistent method of improvement for IT governance, security and operational excellence across the company.
- Perform business impact analysis and assist with development of IT/InfoSec risk register.
- Interface with Global IT and business partners to provide guidance and support.
- Perform periodic gap assessments to validate compliance on an ongoing basis.
- Stay up to date and informed on developing regulatory concerns and changing IT and information security trends.
- Support the CS Operations, administering and implementing cybersecurity tools and threat intelligence solutions, offering occasional off-hours support.
- Actively participate to the CyberSecurity Roadmap definition, implementation and monitoring
- Consult with business teams and proactively seek “out of the box” new solutions (including Cloud) to exploit the IT CyberSecurity services.
- Maintain the CyberSecurity Incident Response plan up to date.
- Maintain and monitor compliance to corporate IT security practices and policies

**What skills will you gain from this role?**
- IT Governance, Security and Risk assessment/management.
- CyberSecurity protection
- Exposure in managing IT operations at a global level
- Cross-cultural communication skills.
- Significant experience in global teams.
- Problem solving skills and analytical thinking
- Vendor and project management.
- Change management.
- Opportunity to develop leadership skills or technology lead.
- Wide understanding of IT technologies and Architectures.
- Skill and experience in CyberSecurity protection and operations (preferred) including:

- Threat and VulnerabilityAssessment
- Ethical Hacking Skills
- Network, Hosting & Applications Security
- Penetration Testing
- Intrusion Prevention and Detection
- SecOps and DevSecOps
- Deep understanding of how hackers work and ability to keep up with the fast pace of change in the criminal cyber-underworld
- Security certifications such as CIPP, CISA, CSIR, ISO27001 Lead Auditor is desirable.
- Deep domain knowledge, ideally with experience with global exposure and strong understanding knowledge of cloud computing.
- Cloud solution provider certification such as Azure will be a bonus.
- Meticulous attention to detail
- A forensic approach to challenges
- Risk Management and IT Governance skills (preferred)
- Experience on monitoring tools and patch management.
- Skills on Microsoft Windows Server and client Operating Systems
- Understanding of access management.
- Able to work as part of a global team with mínimal supervision
- Excellent written and oral communication skills (English)
- Good planning and documentation skills.
- Creative problem-solving abilities
- Good decision making thought process
- Change control and management experience
- Vendor management