Security Consultant

Description

Job Summary: We are seeking a cybersecurity professional with extensive experience, capable of leading strategic initiatives, managing risks, and ensuring regulatory compliance. Key Highlights: 1. Leadership in cybersecurity strategy and ISMS governance. 2. Management of ENS compliance programs and adaptation to the NIS2 Directive. 3. Experience equivalent to that of a CISO or Information Security Officer. MANDATORY REQUIREMENTS: "Applicants must demonstrate experience/knowledge in at least 4 of the following areas: * Definition and leadership of a business-aligned cybersecurity strategy, supported by senior management. * Implementation and maturity enhancement of Information Security Management Systems (ISMS) in regulated environments. * Management of ENS compliance and maintenance programs (RD 311/2022\). * Organizational and governance adaptation to the NIS2 Directive\. * Leadership of corporate and technological risk management programs. * Oversight and coordination of Security Operations Centers (SOC) and incident response management (24x7 model\). * Integration of security into technology projects (security by design / DevSecOps). * Executive reporting to senior management and governance bodies. * Coordination with public cybersecurity agencies (ACC, CCN-CERT, CTTI or equivalent). Certifications: Applicants must hold at least 3 valid certifications from the following information security certification options: ISO27001 Lead Auditor, ISO22301 Lead Auditor, CISM, CISA, CDPSE (or similar), CCSKv5 certification or equivalent. Fluent spoken and written Catalan (bilingual with Spanish) English language proficiency: minimum B2 level Work format: Hybrid, with 60% on-site presence in the Barcelona metropolitan area" DESIRABLE REQUIREMENTS: Strong communication skills, ability to engage with senior management, and capacity to produce executive-level risk and security status reports. Prior experience as a CISO or head of a security office/team within the public sector or critical entities. Experience in third-party and supply chain risk management (TPRM) within multi-vendor environments. Knowledge/experience in business continuity plans and disaster recovery plans (DRPs) English language certification: B2/C1 REQUIRED DEGREE: Minimum Bachelor's degree in Computer Engineering, Telecommunications Engineering, or equivalent YEARS OF EXPERIENCE IN THE REQUIRED PROFILE: At least 10 years of documented experience in the field of technological systems, including 5 years performing duties equivalent to those of a CISO or Information Security Officer, within a security office or projects of comparable responsibility.