Global Chief Information Security Officer (CISO)
Adevinta
Barcelona, Catalunya, Spain
hace 3 días
Job Description

Our purpose is to create perfect matches on the worlds most trusted marketplaces;  our first CISO for Global Markets and Central P&T will play a key role in maintaining our high levels of trust by establishing an information security program that protects our users and a significant part of the digital ecosystem in which Adevinta operates. 

  • The CISO will report to the Chief Product & Technology Officer and serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organization's information security policies.
  • Chair the CISO committee with the local CISOs of the business units. The CISO Committee defines the corporate security policies and standards based on best practices. Building and reaching consensus is the default decision-making approach.
  • Define mechanisms to review marketplaces alignment with respect to the corporate security policies, practices and guidelines and ensure that security is embedded in all project delivery processes
  • Coordinate with other security managers across Adevinta, both with central functions security specialists and with local CISOs and DPOs of the marketplaces
  • Provide expertise and/or services (as required) to countries or functions (i.e. IT function) that do not have a specific security role in place.
  • Ensure appropriate levels of confidentiality, integrity, safety, privacy, and recovery of the Adevinta’s information assets
  • Understand Adevinta's corporate security gaps and define initiatives for their resolution
  • Maintain an up-to-date record of security risks and mitigation plans
  • Define and facilitate the processes for information security risk and for legal and regulatory assessments, including the reporting and oversight of treatment efforts to address negative findings
  • Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action
  • Work with Adevinta’s head of Risk, Assurance and Compliance to ensure that all policies and procedures are effectively implemented
  • Work closely with the Security engineering group in the Platform engineering area to ensure wing2wing coverage
  • Act as Security Authority. Review and assess requests that deviate from the corporate principles, strategies, policies, and standards
  • Keep on top of the latest security technologies and identify opportunities to implement them in Adevinta's IT landscape

What do we have to offer:

  • A unique position in an international and dynamic environment
  • Opportunities to work on a global level, with senior management on strategic issues
  • Excellent growth opportunities close to top management and their priorities
  • The chance to be a key player in a growing, highly skilled team
  • Competitive compensation package
  • Great colleagues and a healthy working environment

Qualifications

  • Proven experience in planning, organizing, and developing IT security and facility security system technologies
  • Deep knowledge of information security technologies, compliance and regulatory matters, information governance and privacy best practices
  • Solid understanding of public cloud models (e.g. Amazon AWS, Microsoft Azure, OpenStack, Google Cloud, etc.) and its security implications
  • Extensive knowledge of DevOps culture and high awareness of its security implications
  • Ability in extracting/translating findings into alternatives/solutions, identifying risks/impacts and schedule adjustments to facilitate management decision-making
  • Ability to adapt to a fast-moving IT landscape and keep pace with new security technologies
  • Experience operating with agile delivery approaches
  • Understanding of total cost ownership of IT assets and functions
  • Must show initiative, proactively finding and solving problems
  • Be a business-focused, creative, innovative, pragmatic, and positive team player. Your posture is “can do”, not “cannot do”. Your first thought is not “Let’s avoid this”, it is “How can we do this and manage risk?”
  • Ownership and result oriented person
  • Have a team-player spirit, which benefits the group vs the individual
  • Have strong influencing and collaboration skills working with multiple stakeholders across different cultures and geographies to achieve successful business outcomes
  • Strong written, spoken and interpersonal communication skills
  • Technical and business level English is a must
  • It would be great if you would also have:
  • Professional security management certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials
  • Experience in security protocols for networking and communications
  • Knowledge of security architecture (e.g. firewalls, trust-boundaries, encryption, segmentation strategies, Cloud services, etc.)
  • Experience implementing a security program making use of cloud-based infrastructure and services
  • Knowledge in Data Privacy (e.g. GDPR)
  • Experience in Identity and Access Management tools and best practices
  • Experience in Corporate Security auditing
  • Knowledge and understanding of relevant legal and regulatory requirements
  • Experience with contract and vendor negotiations
  • Spanish and French are a highly valuable asset


Additional Information

Adevinta is an equal opportunity employer and value diversity in our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status or disability status. If any of the above ticks your boxes, then why not Apply Now to find out more

Reportar esta oferta
checkmark

Thank you for reporting this job!

Your feedback will help us improve the quality of our services.

Inscribirse
Mi Correo Electrónico
Al hacer clic en la opción "Continuar", doy mi consentimiento para que neuvoo procese mis datos de conformidad con lo establecido en su Política de privacidad . Puedo darme de baja o retirar mi autorización en cualquier momento.
Continuar
Formulario de postulación