Blue Team Analyst

Spektrum supports apex purchasers (NATO, UN, EU and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.
Background
The role will be embedded within an International Organisations Global Service Center Base in Valencia serves as a key operational and logistical hub for international missions aimed at maintaining peace and providing humanitarian aid. Located in Spain, this center complements the efforts of its counterpart in Brindisi, working collaboratively to ensure comprehensive support for missions worldwide.
The Valencia base is particularly focused on information and communication technology services. It manages critical IT infrastructure, cybersecurity, and data management systems that are essential for the coordination and execution of global missions. This includes maintaining reliable and secure communication networks, developing and implementing innovative technological solutions, and providing technical support to field operations.
By handling these complex and crucial aspects of mission support, the Valencia base ensures that international operations can rely on robust and efficient technological frameworks. This enables quick and effective responses to crises, enhances coordination among various stakeholders, and supports the overall objectives of global peacekeeping and humanitarian initiatives. The center's dedication to excellence and continuous improvement makes it an integral part of international efforts to address global challenges.
Role Duties and Responsibilities

The Analyst, Blue Team (Defensive Security) develops, implements, drives, and monitors the defensive security practices for Information Security and Risk Management at Client.
S/he acts as the authority for the development and enforcement of organization policies, standards, and processes, and has ultimate responsibility for ensuring the detection and responding to threats. S/he guides the design and continuous improvement of the defensive security that balances business needs with security risks. S/he advises the CIO, CISO and top executives on defensive security matters and sets directions for complying with regulatory inquiries, legal and compliance regulations, inspections, and audits. S/he is an expert in cyber security compliance standards, protocols, and frameworks, as well as the NIST 800-53, NIST CSF, and NIST 800-37 (RMF).
S/he keeps abreast of cyber-related applications and hardware technologies and services and is constantly on the look-out for new technologies that may be leveraged to enhance work processes, or which may pose potential threats. S/he is an inspirational and influential leader, who displays sound judgement and decisiveness in ensuring that corporate information is well protected and secured. S/he is strategic in his/her approach toward resource management and capability development among her/his teams.
S/he directs and manages an independent assurance program for cybersecurity to assess, monitor and report on the operating effectiveness of security controls. Proactively and effectively reports on information security priorities, top risks, and action plans.
S/he is responsible to formulate, implement, and manage institutional information security strategies and programs designed to protect ICT's information technology (IT) systems and information from illegitimate access and reduce/mitigate information security risks across the organization. S/he leads programs and processes to monitor the emergence of new threats and vulnerabilities, assessing impacts, and driving responses, as appropriate (incident response policies and standards). S/he leads the development and maintenance of a security and risk management functional capability and framework that defines and manages ICT's overall approach to information risk and control that aligns with Client's risk management strategy.
S/he ensures that clear and timely business advice is provided to management on key information security and assurance issues and that information security and risk is adequately represented on relevant business/governance forums and is known, well-integrated, and addressed across the organization. Maintain and implement business continuity and disaster recovery strategies and solutions to ensure organizational resiliency for client. Facilitate information security governance through the implementation of a hierarchical governance program, including the formation of an information security steering committee or advisory board. Lead and manage the information security team.
S/he will report to the CISO and the Blue Team Lead and may supervise international, national, and administrative staff.

Information Security Strategy, Policies, and Standards

Provide vision, leadership, and direction on defensive security and IT risk for client. Collaboratively engage with all ICT teams and business to facilitate a standardized approach and structure to defensive security and IT risk.
Liaise with the different ICT teams to ensure that standards, polices, and procedures are available and enacted consistently across application development projects and programs.
Oversee the development and maintenance of standards and processes that fit the organization at all levels. Ensure consistent application of security standards across client's (in HQ, regional and field offices) technical infrastructure.
Establish an effective defensive security capability that includes customers and resource owners in the security decision making and oversight.

Incident Response Management

incident response process from the monitoring and detection of incidents. Establish processes to detect, respond, and recover in a timely and proactive manner from incidents.
Implement preventive, detective, and corrective technical security controls and solutions to support information security policies, standards, and procedures.
Respond appropriately to investigations and forensic requests, managing situations with discretion, sensitivity, and objectivity, and with due consideration of chain-of-custody.
Liaise with other IT specialists and relevant external parties to proactively review and address technical security vulnerabilities, threats, and risks and ensure that appropriate controls are implemented to prevent recurrence of information security incidents.

Information Risk Management

Strengthen sustainability of internal control reviews and ensure ongoing analysis of information security threats, vulnerabilities, and market trends. Determine potential impact on the organization's risk posture.
Implement and maintain a mechanism to monitor risk response activities in ICT, report to management regularly.
Liaise with the different ICT teams and other departments to ensure that IT audit findings are tracked, analyzed for impact, prioritized, and implemented in a systematic manner; ensure that all significant audit findings are closed in a reasonable amount of time; work closely with other ICT teams in implementing the IT policies and procedures required for addressing the audit findings.

Customer Service and Communications

Build sound customer service across CLIENT to enable a strong understanding and close alignment with customer needs, direction, and risk appetite.
Manage the creation and production of timely, accurate, and informative customer and IT metrics relating to defensive security and risk initiatives. Utilize the metrics to prioritize key initiatives and respond to negative trends.
Develop and promote information security awareness training and education for all levels of staff and service providers. Regularly review and ensure its effectiveness.
Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security.

Cyber Security Analyst

Provide analysis to our client's operation for development of policies, guidelines, and methodologies.
Recommend cyber security control and measurement, and policy compliance for development operations.
Liaises with external entities, such as cybersecurity advisory bodies, cyber threat intelligence entities, member states and external partners, and law enforcement agencies (in coordination with CIO, CISO, LEG, OIO, and HR) , etc. as necessary, to ensure that the organization maintains a strong security posture and is kept well abreast of the relevant security issues identified by these external entities.

Essential Skills and Experience

Extensive experience in building a cybersecurity offensive team (BLUE TEAM);
Extensive experience in compliance and risk management;
Extensive experience in creating and implementing test cases and test plans;
Extensive experience in all aspects of application/data security (definition, implementation and validation);
Extensive experience in simulating cyber-attacks and data breaches;
Experience defining security strategies aligned with business and strategic objectives.
Strong interpersonal skills;
Solid organization and document, project management;
Strong investigative skills;
Strong ability to continue to learn and grow;
Basic knowledge of reporting tools (e.g., MS Excel, Power BI, Power BI Report Builder);
Ability to translate technical security vulnerabilities into business risk/impact to applications;
Demonstrated skill in creating security policies and procedures based on ISO27001, NIST 800-53 and Computer Information System (CIS) controls;
Strong analytical and problem-solving skills and proactive thinking skills;
Able to articulate complex, technical concepts to non-technical audiences;

Education

Bachelor's degree in computer science, information systems, mathematics, statistics or related field from an accredited academic institution with two years of relevant professional experience; or a University degree in the above fields with four years of relevant professional experience.

Desirable Certifications

Professional certification such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Chief Information Security Officer (CCISO), Certified Secure Software Lifecycle Professional (CSSLP), Certified Secure Web Application Engineer (CASE), Certified Secure Web Application Engineer (CSWAE), Governance, Risk, and Compliance Professional (GRCP), Certified Ethical Hacker (CEH), or related will be a distinct advantage in addition to cloud computing certifications at associate/professional/specialty level from Azure and/or AWS.
Information Technology Infrastructure Library (ITIL) and Prince2 Foundation are added advantages

Language Proficiency

Business English

Working Location

Valencia, Spain

Working Policy

On-Site

#J-18808-Ljbffr