We'retheworld'slargestindependentrenewableenergycompany.We'redrivenbyasimpleyetpowerfulvision:tocreateafuturewhereeveryonehasaccesstoaffordable,zerocarbonenergy. RESisafamilywithadiverseworkforce,andwearededicatedtothepersonalprofessionalgrowthofourpeople,nomatterwhatstageoftheircareerthey'reat.Wecanpromiseyourewardingworkwhichmakesarealimpact,thechancetolearnfrominspiringcolleaguesfromacrossagrowing,globalnetworkandopportunitiestogrowpersonallyandprofessionally. AsaCyberSecurityEngineeratRES,youwillberesponsibleforsafeguardingourinformationsystemsagainstcyberthreatsandensuringtheintegrity,confidentiality,andavailabilityofdata.Yourexpertisewillplayacrucialroleindesigning,implementing,andmonitoringsecuritymeasuresforourcomputingsystemsandnetworkinfrastructure. ThisrolewillsupportRES'sSpanishO&M(Operations&Maintenance)businessesandtheirO&Mbranchofficesacross~15countriesontheirjourneytoprogressivelymatureandrefinetheircybersecurityarrangements.Throughthefurtherembeddingofcybersecurityintobusinesspracticesandtechnology,thisrolewillsupportRESinbecomingrecognisedasamarketleaderinthedeliveryofcybersecurityserviceswithinrenewables. AsaCyberSecurityEngineer,youwill: -Providecybersecurityanalysisandsupportthroughouttheorganisation,ensuringsecurityand governancerequirementsaremet,andbeproactiveintheidentificationandremediationofsecurity incidents. -Leadthetechnicalrootcauseanalysisofsecurityincidentstoensurepromptactionistakentoprevent incidentreoccurrenceandstrengthenrelevantcybersecuritycontrols. -Managethecybersecurityteam'soperationalqueueofrequestsandincidentsaswellasqueriesinto theteammailboxinlinewithagreedservicelevels. -Undertakingoperationalsupportandmaintenanceofthecompany'scybersecuritytechnologies includingthoserelatedtoemail,webandendpointsecurityandMicrosoft365/Azureservices. -Alongsidecybersecuritypartnersandotheroperationalteamsmonitorcyberalertsandnetworktraffic forunusualactivitiesandrespondtosecurityevents,breachesorintrusionsusinganalyticsandforensic toolstoinvestigatethesourceofbreachesandblockpotentialthreats. -Routinelyproducerelevantandaccuratecybersecuritymetricsforbothtechnicalandbusiness stakeholdersontheperformanceandeffectivenessofthecompany'scybersecurityarrangements. -Manageallcybersecurityaspectsoftheon-premiseandAzureenvironmentsutilisedbyourSpanish O&MbusinessesandtheirO&Mbranchofficesacross~15countries. -ProvidecybersecuritydirectiontotheSpanishO&MbusinessandRESintegrationteams. -RepresentSpanishO&MbusinessesastheCyberSecurityleadatappropriateforumsincludingTDA, internalprojectsandprogrammes. -Gatherthreatintelligencefromidentifiedexternalandinternalsourcesandrelatetovulnerabilitiesin systemsandprocessessotoidentifyrelevantcountermeasures. -Undertakecybersecurityvulnerabilityassessmentsandremediationofsystemsandinfrastructure ensuringeffectivepatchmanagementandongoingcyberresilience. -Overseecybersecuritypenetrationtestingofsystemsandinfrastructurebyexternalspecialiststo ensuretheeffectivemanagementandremediationofanyresultingimprovementactions. -BeresponsiblefordeliveringcybersecurityservicesandsolutionsacrossNetworks,Systems, Applications,Voice,Mobile,WifiplatformsandCloudservicestoaddressidentifiedvulnerabilitiesand provideadviceonsystemshardeningand/ormitigationmeasurestoaddresscyberrisks. -AspartofsupportingbusinessandITintegrationoftheSpanishO&Mbusinessesundertakeknowledge transferofteammembers,ITcolleaguesandthebusinesscolleagues. -HavetheabilitytodeputisefortheCyberSecurityOperationsManagerasandwhenneeded. Requisitos: Knowledge -In-depthknowledgeofadvancedsecurityanalysisincludingthecyberkillchain,malwareanalysis, memoryandfilesystemanalysis,andattackvectors. -KnowledgeofthecybersecuritytoolsandpracticesusedwithinMicrosoftAzure/M365 -Knowledgeoftechnicalsecuritysystems,securityarchitecture,securitytechnology,andassociated penetrationtestingandSecurityEventManagementmethodologies. -Appreciationofthepotentialimpactofsecurityeventsandtheabilitytoprioritisethem. -KnowledgeofDataProtectionanditsrolewithinabusiness.GoodworkingknowledgeofISO/IEC 27001/27002andISMScreation/maintenance -UnderstandingofITsystemsandtechnologies(e.g.LinuxandWindowsoperatingsystems,TCP/IP Networking,E-Mail). Experience -2years+experienceofmanagementofCyberSecurity -Provenexperienceinacybersecurityrolewithastrongunderstandingofsecurityprotocols,cryptography, andapplicationsecurity. -Proficiencyinsecuritysystems,includingfirewalls,intrusiondetectionsystems,anti-virussoftware, authenticationsystems,logmanagement,contentfiltering,etc. -ExperienceofconfiguringandworkingwithSIEMsystems/othersecuritytoolsets,andfreeform investigationsinthesesystems. -Comfortablewithtravelrequests(adhoc). Skills -Strongwrittenandverbalcommunicationskills,abilitytoformstrongbusinessrelationshipsacrossmultiple locations -Strongstakeholdermanagementincluding3rdpartyvendormanagement(ITprojects); -Abilitytoidentifydevelopingpatternsandtrendsindata. -Goodcommunicationandinterpersonalskills; -Spanishlanguage,nativeorfluent(preferably) -Comfortablewithuncertaintyandtime-sensitivedeadlines. -Musthavetheabilitytoworkindependentlyandtakeinitiative -Goodcommercialacumen Qualifications -Ideallyeducatedtodegreelevelorholdingaprofessionalqualificatione.g.CISSP,CISMorBCSISMP wouldbeanadvantage. -GlobalInformationAssuranceCertifications(GIAC)e.g.CertifiedIncidentHandler(GCIH),andCertified IntrusionAnalyst(GCIA)wouldbeanadvantage. Seofrece: RESGrouphaveundertakenacquisitionactivitiestogrowtheirbusinessinrecentyears.Currently,thoseacquiredcompaniesintheformofRES'sSpanishO&MbusinessesandtheirO&Mbranchofficesworkasastand-alonebusinesseswithlimitedintegrationtoRESGroupprocessesandcapabilities.PlansarebeingfinalisedtodeliveralevelofintegrationofthesebusinessITintothatofRESGroup.
#J-18808-Ljbffr
