Browse
···
Log in / Register
Position Summary: We are seeking a professional in Computer Engineering/Cybersecurity to lead the GRC area, defining and implementing security plans and ensuring regulatory compliance. Key Highlights: 1. Lead the Governance, Risk, and Compliance (GRC) area 2. Key role in defining, implementing, and auditing security 3. Security Officer within the framework of the ENS **Job Description** We are looking for a candidate with a degree in Computer Engineering and/or a Master’s in Cybersecurity, and demonstrable experience (both technical and strategic), to lead our Governance, Risk, and Compliance (GRC) area. The candidate will be the key figure responsible for defining, implementing, and auditing security plans to ensure regulatory compliance required for our services targeting the notarial sector. **Main Responsibilities** * **Regulatory Compliance (ENS, NIS2, GDPR):** Lead the technical and organizational alignment of internal processes with critical regulations. Formally assume the role of **Security Officer** within the framework of the National Security Scheme (ENS), responsible for analyzing self-assessment or audit reports and submitting conclusions to the system owner for adoption of appropriate corrective measures. * **GRC and Resilience Management:** Technical execution of GRC, including Business Impact Analysis (BIA) and management of IT testing plans. * **Business Continuity and DRP:** Development and maintenance of Disaster Recovery Plans (DRP) and analysis of structural dependencies of critical applications (AIA). * **Auditing and Control:** Technical support and coordination during security audits (both internal and third-party certification audits), management of findings, and definition of operational control KPIs. * **Crisis Management:** Leadership in technological crisis simulations and preparation of executive reports for Management Committees. **Technical Requirements** * **Qualifications:** Bachelor’s degree in Computer Engineering, Telecommunications, or equivalent, and/or a specialized Master’s degree in Cybersecurity. * **Certifications (Highly Valued):** Possession of recognized industry certifications such as CISM, CISA, CRISC, or Lead Implementer / Lead Auditor certifications for standards like ISO 27001 or ENS will be positively considered. **Desired Competencies** * Analytical capability, rigor in management, and clear orientation toward technical execution and problem resolution. * Ability to coordinate technical teams and ensure proper adoption of security standards across the organization. * Excellent communication skills to clearly convey complex technical risks to senior management.
