At Lognext, we have been partnering with companies and teams for over 18 years to help them identify and implement the necessary technology to advance, aligning their challenges and objectives with our own and integrating into their reality. Being a NEXTER means that your career and talent gain meaning not only for you but also for those around you, allowing you to build what matters most and achieve your next level.
We are seeking a Security Specialist with expertise in governance and management of IT and Cybersecurity risks. This role will support the central function in governing Cyber and IT risks across various entities, providing transversal services to support and monitor cybersecurity measures, including the transformation of ISO 27001 controls into tailored services for these entities.
Key Responsibilities :
Monitor and assess IT and Cybersecurity risks to ensure robust governance, ensuring action plans align with risk mitigation strategies.
Oversee and challenge remediation actions, manage gaps, and track the implementation of action plans across different entities.
Evaluate technical and governance evidence, such as policies and procedures, and prepare detailed reports to consolidate key risks for stakeholders.
Perform audits of Management Systems in accordance with ISO 27001, ISO 9001, and ISO 14001 standards, as well as ensuring compliance with the DORA framework.
Conduct and coordinate cybersecurity assessments, vulnerability monitoring (via Qualys), and pentesting services, working with external vendors and reporting on critical vulnerabilities.
Lead meetings, workshops, and committees across multiple countries to address cybersecurity concerns, including firewall rule reviews, phishing campaigns, and audits.
Monitor KPIs and KRIs related to cybersecurity and IT risks, ensuring that all pending internal and external audit actions are being addressed, and gaps identified by corporate are being closed.
Engage with stakeholders to ensure timely resolution of risks and compliance with governance standards.
Skills :
Essential :
Proven experience (3-5 years) in IT and cybersecurity risk governance, with a solid understanding of controls and risk frameworks.
Experience in Auditing Management Systems: ISO 27001/ISO 9001/ISO 14001.
Bachelor's degree (or higher) in Computer Science, Cybersecurity, or a related field.
Knowledge of CVSS and familiarity with cybersecurity frameworks (e.g., ISO 27001).
Strong project management skills to track remediation actions and monitor risks across multiple entities.
Experience in cybersecurity audits and assessments, particularly around vulnerability management, pentesting coordination.
Proficiency in MS Office suite (Excel, PowerPoint, SharePoint, OneNote) and experience with ServiceNow.
Fluent in English with excellent communication skills to lead technical discussions and workshops.
Desirable :
Ability to interpret network maps, firewall rules, and vulnerability reports.
Familiarity with network segregation, DMZs, and backup procedures (e.g., incremental backups).
Knowledge of KPI and KRI reporting, especially in the context of cybersecurity risk management.
Permanent contract .
Madrid, Spain .
Competitive salary with a flexible payment plan.
Professional Development : Access to an annual budget for advancing your skills through professional certifications.
Join our expert team, where creativity, commitment, and the ability to bring new perspectives are essential to make a difference in a world full of opportunities.
Are you ready for your NEXT LEVEL?
At Lognext, we are committed to equality between women and men, as demonstrated by our registered and published Equality Plan. We believe that multiculturalism enriches our projects with diverse values, experiences, and knowledge, and we are committed to fostering diversity. We work every day to create environments where people are treated with respect and dignity, regardless of their background. We do not discriminate based on race, religion, ethnicity, disability, age, nationality, marital status, sexual orientation, or gender.