IT Security Consultant - Evaluation of Suppliers
Additional Information
Location | Spain (remote) |
Skills | Cybersecurity / Network / Security |
Contract type | Freelance |
Languages | English |
Start date | January 2024 |
Duration | Indefinite |
Salary range | 250/300€/day |
Contact person | Carmen J. Martínez |
Status | Open |
Offer details
For a collaboration with one of our international end clients in the industrial sector, we are looking for the following profile:
IT Security Consultant - Evaluation of Suppliers
Permanent contract (salary negotiable) / possibility of a freelance contract (daily rate 250-300€).
100% remote work
Role:
- Responsible for evaluating the IT security maturity of suppliers and coordinating the remediation actions to enhance supplier security posture. This role involves in-depth analysis of security findings, collaboration and coordination with external partners, and driving proactive security measures to mitigate potential supplier risks effectively.
Responsibilities:
- Collaborate and coordinate with external stakeholders to send the self-assessment questionnaire to suppliers and to collect evidence of implemented IT security controls.
- Manage the supplier assessment plan.
- Review supplier IT Security Assessment reports delivered by external stakeholders to ensure quality of risk evaluation.
- Design risk mitigation action plans to improve security posture of suppliers.
- Work closely with suppliers and internal teams to guide and oversee remediation efforts, ensuring compliance with security best practices and industry standards.
- Facilitate communication and coordination between internal teams and suppliers to ensure timely resolution of identified security weaknesses.
- Provide guidance and recommendations to suppliers on security measures and risk mitigation strategies based on assessment findings.
- Document findings, remediation progress, and lessons learned for continuous improvement and knowledge sharing within the organization.
Skills:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Demonstrated experience in information security, particularly in security risk assessments and vulnerability management.
- Proficiency in assessing security vulnerabilities and their potential impact on systems and networks.
- Strong understanding of industry-standard security frameworks (e.g., ISO 27001, NIST, CIS).
- Excellent communication and interpersonal skills to collaborate effectively with internal and external stakeholders.
- English is a must.
- Experience in coordinating and driving remediation efforts to address identified security vulnerabilities.
- Certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) are a plus.