(E159) Blue Team Analyst

Spektrum has a wide range of exciting opportunities in several global locations.We are always looking to add great new talent to our team and look forward to hearing from you.Spektrum supports apex purchasers (NATO, UN, EU, and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services.
We provide our clients with professional services, specialized aerospace and defence sales, delivery, and operational subject matter expertise.
We are looking for personnel to join our team and support key client projects.BackgroundThe role will be embedded within an International Organisation's Global Service Center Base in Valencia, which serves as a key operational and logistical hub for international missions aimed at maintaining peace and providing humanitarian aid.
Located in Spain, this center complements the efforts of its counterpart in Brindisi, working collaboratively to ensure comprehensive support for missions worldwide.The Valencia base is particularly focused on information and communication technology services.
It manages critical IT infrastructure, cybersecurity, and data management systems that are essential for the coordination and execution of global missions.
This includes maintaining reliable and secure communication networks, developing and implementing innovative technological solutions, and providing technical support to field operations.By handling these complex and crucial aspects of mission support, the Valencia base ensures that international operations can rely on robust and efficient technological frameworks.
This enables quick and effective responses to crises, enhances coordination among various stakeholders, and supports the overall objectives of global peacekeeping and humanitarian initiatives.The center's dedication to excellence and continuous improvement makes it an integral part of international efforts to address global challenges.Role Duties and ResponsibilitiesThe Analyst, Blue Team (Defensive Security) develops, implements, drives, and monitors the defensive security practices for Information Security and Risk Management at Client.S/he acts as the authority for the development and enforcement of organization policies, standards, and processes, and has ultimate responsibility for ensuring the detection and responding to threats.S/he guides the design and continuous improvement of the defensive security that balances business needs with security risks.S/he advises the CIO, CISO, and top executives on defensive security matters and sets directions for complying with regulatory inquiries, legal and compliance regulations, inspections, and audits.S/he is an expert in cyber security compliance standards, protocols, and frameworks, as well as the NIST 800-53, NIST CSF, and NIST 800-37 (RMF).S/he keeps abreast of cyber-related applications and hardware technologies and services and is constantly on the look-out for new technologies that may be leveraged to enhance work processes, or which may pose potential threats.S/he is an inspirational and influential leader, who displays sound judgement and decisiveness in ensuring that corporate information is well protected and secured.S/he directs and manages an independent assurance program for cybersecurity to assess, monitor and report on the operating effectiveness of security controls.Proactively and effectively reports on information security priorities, top risks, and action plans.S/he is responsible to formulate, implement, and manage institutional information security strategies and programs designed to protect ICT's information technology (IT) systems and information from illegitimate access and reduce/mitigate information security risks across the organization.S/he leads programs and processes to monitor the emergence of new threats and vulnerabilities, assessing impacts, and driving responses, as appropriate (incident response policies and standards).S/he ensures that clear and timely business advice is provided to management on key information security and assurance issues and that information security and risk is adequately represented on relevant business/governance forums and is known, well-integrated, and addressed across the organization.Maintain and implement business continuity and disaster recovery strategies and solutions to ensure organizational resiliency for client.Facilitate information security governance through the implementation of a hierarchical governance program, including the formation of an information security steering committee or advisory board.Lead and manage the information security team.S/he will report to the CISO and the Blue Team Lead and may supervise international, national, and administrative staff.Essential Skills and ExperienceExtensive experience in building a cybersecurity offensive team (BLUE TEAM);Extensive experience in compliance and risk management;Extensive experience in creating and implementing test cases and test plans;Extensive experience in all aspects of application/data security (definition, implementation, and validation);Extensive experience in simulating cyber-attacks and data breaches;Experience defining security strategies aligned with business and strategic objectives.Strong interpersonal skills;Solid organization and document, project management;Strong investigative skills;Strong ability to continue to learn and grow;Basic knowledge of reporting tools (e.g., MS Excel, Power BI, Power BI Report Builder);Ability to translate technical security vulnerabilities into business risk/impact to applications;Demonstrated skill in creating security policies and procedures based on ISO27001, NIST 800-53 and Computer Information System (CIS) controls;Strong analytical and problem-solving skills and proactive thinking skills;Able to articulate complex, technical concepts to non-technical audiences.EducationBachelor's degree in computer science, information systems, mathematics, statistics or related field from an accredited academic institution with two years of relevant professional experience; or a University degree in the above fields with four years of relevant professional experience.Desirable CertificationsProfessional certification such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Chief Information Security Officer (CCISO), Certified Secure Software Lifecycle Professional (CSSLP), Certified Secure Web Application Engineer (CASE), Certified Secure Web Application Engineer (CSWAE), Governance, Risk, and Compliance Professional (GRCP), Certified Ethical Hacker (CEH), or related will be a distinct advantage in addition to cloud computing certifications at associate/professional/specialty level from Azure and/or AWS.Information Technology Infrastructure Library (ITIL) and Prince2 Foundation are added advantages.Language ProficiencyBusiness EnglishWorking LocationValencia, SpainWorking PolicyOn-SiteWe never know what new opportunities might be just over the horizon.
If this opportunity isn't for you please feel free to send us your resume anyway and be the first to know if something suitable for your skills and experience comes up.
#J-18808-Ljbffr