Main Tasks And Responsibilities
Noesis is looking for candidates with the following profile:
Assist the ISO in implementing the information and cyber security strategy and program;
Support the development and implementation of a risk management methodology aligned with company' strategy and policies;
Ensure alignment between information and cyber security risk management and the company risk management framework;
Provide guidance and support on information and cyber security risk management activities;
Assess the effectiveness of security controls in IT and OT environments;
Monitor information and cyber security risks by evaluating control implementation, asset vulnerabilities, threat landscapes, and security incidents;
Report risk trends to Risk Owners and other relevant committees;
Develop and maintain security documentation, including standards, processes, procedures, guidelines, contractual clauses, and control catalogs;
Design and maintain an unified IT and OT security architecture aligned with the overall security strategy;
Establish a security architecture repository: principles, terminology, security services, control frameworks, and reference models;
Support first-line teams in identifying and addressing cyber security risks and requirements in new products, projects, processes, and services;
Develop and implement security education, training, and awareness programs to foster security-conscious behaviors across IT and OT environments;
Provide evidence of risk oversight and control implementation for internal and external audits;
Communicate the status and progress of the security program to key stakeholders;
Monitor compliance with security architecture and standards;
Collect and analyze key performance and effectiveness metrics to support decision-making and inform the ISO.
Qualifications
Requirements:
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related;
3+yearsof experience in Information Security GRC;
Strong knowledge of security frameworks (ISO *****, ISO*****, NIST, IEC *****);
Familiarity with regulatory requirements such as GDPR, NIS2, etc;
Experience with risk management tools, compliance platforms, and security monitoring solutions;
Experience conducting security audits and risk assessments;
Understanding of IT security principles, cloud security, and network security;
Fluent English;
Availability to travel, mainly in Europe.
Key Skills
Challenges-driven, rigorous, strong commitment;
Critical-thinking and problem-solving skills;
Keento learn;
Comfortable working with high autonomy and as a team player;
Capacityto handle sensitive and confidential information;
Organized withthe capacity to handle multiple projects simultaneously;
Communication and collaboration skills to work effectively with cross-functional teams and external stakeholders, with the capacity to adapt your communication;
Passionate about cybersecurity and staying up-to-date on the latest threats and trends.
If you meet these conditions and would like to join an innovative organization that continuously invests in training its talents, send us your application.
Join us. Let's innovate together
All our recruitment and selection processes are based on equal opportunities, valuing the competence and potential of each person and ensuring that no candidate is discriminated on the grounds of gender, ethnicity, sexual orientation, age, religion or physical condition.