A Seara, Galicia, Spain
- Respond in a timely and accurate manner to client and supplier security questionnaires, due diligence requests, and RFPs.
- Maintain and update reusable documentation (e.g., CAIQ, SIG, security white papers, policy briefs) to streamline future responses.
- Assist in the preparation, execution, and collection of evidence for third-party audits (e.g., SOC 2, ISO 27001).
- Track and collaborate on the implementation of corrective actions identified through internal reviews or audit findings.
- Collaborate with internal teams to document security controls, policies, and procedures.

- Manages security consultants responsible for the customization, development and implementation of cybersecurity solutions for clients' systems, applications and product designs.
- Designs and implements protocol for client installations, including security assessments using penetration and vulnerability testing and risk analysis.
- Performance is typically measured by the capture of the consulting engagement and/or utilization (i.e., billable hours for the department) or performance against budget.
- Provides feedback to product development and professional services teams for improving product security standards and procedures.
- Selects, develops and evaluates personnel to ensure the efficient operation of the function.

- Act as escalation point of contact for customers' security and compliance requirements.
- Participate in customer projects to identify and define the controls to be implemented, aligned to the Integrated Management System (IMS), and how they will be executed in customers' platforms.
- Responsible for maintaining PCI DSS compliance for customers.
- Responsible for monitoring existing security controls and recurrent activities implemented in customers' platforms and reporting on their status.
- Identify improvement areas regarding compliance and security in customer platforms.
- Respond to customers' security and compliance questions.
- Engage and consult with Operational Teams to recommend solutions to improve policies, procedures, efficiency and controls.
- Responsible, on the CMS side, for customer-related audits; assist in the development of mitigation plans and perform control validations to ensure the processes meet company standards.
- Support the development of security and compliance training material for the Operational Teams.
- Drive the timely collection of documentation requested by customers' internal and external audits.
- Demonstrate commitment to customer service; solve customer security requirements or problems effectively.
- Collaborate proactively with and advise Operational Teams to ensure compliance with all company security policies.
- Prepare security reports and analyses documenting progress and adverse trends, and make appropriate recommendations or conclusions.

- Compliance alignment and audits for the Organic Law on Data Protection (LOPD).
- Compliance alignment with the General Data Protection Regulation (RGPD).
- Software discovery projects.
- Business continuity projects.
- Audits against the Esquema Nacional de Seguridad (ENS).
- Benchmarking projects for IT solutions.
- ISMS audits – ISO 27001.
- IT general controls (ITGC) reviews.