Information Security Engineer
If you believe cybersecurity goes beyond pentesting, your place is at GMV!
As an Information Security Engineer, you will play a pivotal role in safeguarding the organization's digital assets. You will be responsible for developing, implementing, and maintaining robust information security policies, standards, and procedures aligned with international best practices such as ISO 27001:2022.
Your expertise in Information Security Management Systems (ISMS) will be instrumental in ensuring the confidentiality, integrity, and availability of sensitive information.
You will also conduct security risk assessments in support of internal security certification and accreditation of projects and systems, identify threats and mitigation measures for all types of CIS assets, derive residual risks, and provide risk management recommendations.
WHAT CHALLENGE WILL YOU FACE?
You will be able to develop your professional career between Spain and Italy in information security and perform tasks such as:
Manage and implement a comprehensive Information Security Management System (ISMS) aligned with ISO 27000 family standards.
Conduct regular reviews and updates to the ISMS to ensure ongoing compliance.
Oversee the development and implementation of security policies, procedures, and standards.
Conduct risk assessments and identify potential threats to the organization's security.
Develop effective security controls to mitigate identified risks.
Ensure compliance with relevant security regulations and industry standards.
Support project/system security certification and accreditation for unclassified and classified systems.
Collaborate with other departments to identify and address security requirements.
Prepare clear and concise security reports, assessments, and presentations.
Communicate complex security concepts to technical and non-technical audiences, both verbally and in writing.
WHAT DO WE NEED IN OUR TEAM?
For this position, we are looking for engineering graduates with a strong motivation for cybersecurity who are available to travel to Italy and have at least 5 years of experience in:
A high level of English (at least C1) and effective writing and reporting skills.
Proven expertise in ISO 27001 and ISMS implementation and compliance.
Strong understanding and proven experience in Risk Management.
Ability to work with different projects and systems simultaneously.
Experience performing compliance audits.
Ability to work independently and as part of a team.
Good technical skills to derive threats and mitigation measures in a variety of IT environments.
We will also value previous experience and knowledge in:
Forensics and security incident analysis.
Network Security and access management.
Designing Training and Awareness presentations.
Software assessments and analysis.
Change management.
Patch and Vulnerability management.
Knowledge of Italian is also an asset.
WHAT DO WE OFFER YOU?
Hybrid work model and 8 weeks per year of remote work outside your usual geographical area.
Flexible entry and exit hours, with a shorter workday on Fridays and during the summer.
Development of a personalized career plan, training, and support for language learning.
National and international mobility. Coming from another country? We offer you a relocation package.
Competitive compensation with continuous reviews, flexible remuneration, and discounts on brands.
Wellbeing program: medical, dental, and accident insurance; free fruit and coffee, training in physical, mental, and financial health, and much more!
In our selection processes, you will always have telephone and personal, face-to-face or online contact with our talent acquisition team.
Additionally, we will never request transfers or bank card information. If someone contacts you through a different process, please write to our team.
We promote equal opportunities in hiring, committed to inclusion and diversity.
#J-18808-Ljbffr