The Governance & IT Security Senior Technician is responsible for executing day-to-day security and governance activities, such as monitoring compliance with security policies, supporting vulnerability management efforts, and conducting IT security assessments.
KEY FUNCTIONS
* Support the implementation and maintenance of governance frameworks to ensure best practices are applied, following IT Security Analyst and Governance Analyst advice.
* Assist in developing, implementing, and enforcing policies and procedures to ensure compliance and security across the organization, assuring compliance after IT tools have been chosen.
* Help to manage regular risk assessments to identify potential risks and vulnerabilities and support the IT Security Analyst with the development of mitigation strategies.
* Monitor compliance with internal policies and external regulations, assisting in audits and ensuring the organization meets all legal and regulatory requirements.
* Ensure the life cycle and capacity plan for all security and corporate technology components.
* Assist in identifying, assessing, and managing vulnerabilities in the infrastructure, working closely with the IT Security Analyst and understanding CSIRT reports.
* Maintain detailed documentation of governance and security activities and prepare reports on compliance status, risk assessments, and security metrics.
* Work closely with the IT Security Analyst and Governance Analyst to ensure alignment in security and governance activities of Cellnex.
* Assist in developing and delivering training programs to educate employees on governance and security best practices and work on self-improvement.
* Identify opportunities for improving governance and security processes and support the implementation of changes to enhance efficiency and effectiveness, while also working on self-improvement.
Education:
* University degree in Computer Science, Information Security, Information Technology, or a related field.
* CompTIA Security+, CISA, CISM, CISSP, and Lead Auditor / Implementer ISO 27001 or similar certifications are advantageous.
Relevant Professional Experience:
* 2-3 years of experience in IT security, governance, risk, and compliance, or a related technical role.
* Knowledge of main security principles and compliance assurance, IT security, governance, and risk management.
* Basic knowledge of IT infrastructure, network security, incident response, and governance frameworks.
* Familiarity with standards and frameworks such as ISO 27001, NIST, and regulatory requirements.
Other Relevant Skills or Characteristics:
* Ability to maintain accurate records, logs, and documentation essential for compliance and reporting.
* Skilled at identifying security risks, analyzing complex data, and troubleshooting security issues.
* Effective communicator with the ability to explain security concepts to both technical and non-technical stakeholders.
#J-18808-Ljbffr