Social network you want to login/join with:
Client:
Location:
Job Category:
Other
EU work permit required:
Yes
Job Views:
3
Posted:
06.03.2025
Expiry Date:
20.04.2025
Job Description:
Job Description:
Trigyn has a contractual opportunity for a Blue Team Lead (Cyber Security). This resource will be working at our client site in Valencia, Spain.
Job Responsibilities:
The position will lead defensive security practices within the Information Technology Department (ICT). ICT manages the information systems and technology services required for the client's Headquarters, Regional and Field Offices. The analyst sets the standards and processes for defensive security approaches for ICT within the client. The analyst will be part of the Blue Team, which also monitors compliance with the standards and policies within ICT.
Job Purpose:
The Analyst, Blue Team (Defensive Security) develops, implements, drives, and monitors the defensive security practices for Information Security and Risk Management at the client. He/She acts as the authority for the development and enforcement of organizational policies, standards, and processes, and has ultimate responsibility for ensuring the detection and response to threats. S/he guides the design and continuous improvement of the defensive security that balances business needs with security risks. S/he advises the CIO, CISO, and top executives on defensive security matters and sets directions for complying with regulatory inquiries, legal and compliance regulations, inspections, and audits. S/he is an expert in cyber security compliance standards, protocols, and frameworks, including NIST 800-53, NIST CSF, and NIST 800-37 (RMF). S/he keeps abreast of cyber-related applications and hardware technologies and services and is constantly on the lookout for new technologies that may enhance work processes or pose potential threats. S/he is an inspirational and influential leader, who displays sound judgment and decisiveness in ensuring that corporate information is well protected and secured. S/he directs and manages an independent assurance program for cybersecurity to assess, monitor, and report on the operating effectiveness of security controls. S/he is responsible for formulating, implementing, and managing institutional information security strategies and programs designed to protect ICT’s information technology (IT) systems and information from illegitimate access and reduce/mitigate information security risks across the organization.
Responsibilities:
1. Information Security Strategy, Policies, and Standards:
Provide vision, leadership, and direction on defensive security and IT risk for the client. Collaboratively engage with all ICT teams and businesses to facilitate a standardized approach to defensive security and IT risk.
2. Incident Response Management:
Establish processes to detect, respond, and recover in a timely manner from incidents. Implement preventive, detective, and corrective technical security controls and solutions to support information security policies, standards, and procedures.
3. Information Risk Management:
Strengthen sustainability of internal control reviews and ensure ongoing analysis of information security threats, vulnerabilities, and market trends.
4. Customer Service and Communications:
Build sound customer service across IOM to enable a strong understanding and close alignment with customer needs, direction, and risk appetite.
5. Cyber Security Analyst:
Provide analysis of our client’s operation for the development of policies, guidelines, and methodologies.
Education:
Bachelor’s degree in computer science, information systems, mathematics, statistics, or related field from an accredited academic institution with two years of relevant professional experience; or a university degree in the above fields with four years of relevant professional experience. Professional certification such as CISSP, CISM, CCISO, CSSLP, CASE, CSWAE, GRCP, CEH, or related will be a distinct advantage, in addition to cloud computing certifications from Azure and/or AWS. ITIL and Prince2 Foundation certifications are added advantages.
Experience:
Extensive experience in building a cybersecurity offensive team (Blue TEAM); compliance and risk management; creating and implementing test cases and plans; application/data security; simulating cyber-attacks and data breaches; defining security strategies aligned with business objectives.
Skills:
Strong interpersonal skills; solid organization and project management; strong investigative skills; ability to learn and grow; basic knowledge of reporting tools (e.g., MS Excel, Power BI); ability to translate technical security vulnerabilities into business risk; demonstrated skill in creating security policies based on ISO27001, NIST 800-53, and CIS controls; strong analytical and problem-solving skills; ability to articulate complex concepts to non-technical audiences; strong English oral and written communication skills.
#J-18808-Ljbffr