Head of information security and business continuity (CCDO/CDO)
Telefónica
MADRID, ES
hace 16 días

AREA DESCRIPTION :

CISO Area for CCDO and CDO Business Units

MISSION :

  • Ensure that risk management is adequately organised, in line with the Global ISM Strategy (ISM Information Security Management) and Global BCM Strategy (BCM Business Continuity Management) of the Telefonica Group.
  • Define and maintain an ISM and BCM strategy and set it out in Committees (KGIs, KPIs).
  • Advise and give support to the different business areas to define action plans to achieve a maturity level that is consistent with the risk appetite.
  • Be responsible for analyse and improve the Security & Continuity Level of multiple Business Processes (External and Internal, Services and Activities) of the Organization, which are supported by multiple Information Systems.
  • Gain a thorough understanding of the Organization, Business Services and Information Systems and discover weak points in Services / Systems.
  • Apply a Risk-based Convergent Security approach, unifying the security perspectives / domains of different experts (Security Consultant, Security Architect, Penetration Tester, etc.
  • and contemplating all risk factors.

  • Analyse the risks to which the Business Services are exposed and proposing action plans to solve them (including recommendations, safeguards, countermeasures or new projects to improve and update the security of the business services and information systems.
  • Manage projects in a global unit in a complex environment with different organization business units and with an international scope.
  • Define, promote, manage and measure the deployment of IT security strategy and the transformation programs necessary to ensure the alignment of IT with the global corporate security vision and with the business strategy.
  • MAIN DUTIES & RESPONSABILITIES :

    Define and maintain an ISM and BCM strategy in CCDO-CDO, aligned with Global Strategy.

  • Analyze and improve the security & continuity level of Business Processes (External and Internal, Services and Activities).
  • Apply a Risk-based Convergent Security Approach.
  • Identify business risks, security gaps, emerging threats or weak points; and recommend changes, safeguards, countermeasures or action plans to mitigate security risks.
  • Align standards, frameworks and security with overall business and technology strategy.
  • Lead Acceleration and transformation security programs in CCDO - CDO
  • Define IT security projects that will be undertaken in the medium / long term.
  • Manage the evolution of projects, correct possible deviations and make the appropriate adjustments to ensure compliance with objectives.
  • Align global IT security policies and monitor their implementation.
  • Define, review and evolve the IT security governance processes ensuring that IT security requirements are evaluated throughout the life cycle of Business Services.
  • EDUCATION REQUIRED : Higher degree (Computer Science or Telecommunications).

  • Advanced knowledge of common frameworks for Information Security Management (ISO27000 Series, ISF Information Security Forum, CSA STAR, NIST SP 800 Series, etc.)
  • Advanced knowledge of common frameworks for Business Continuity Management (ISO22301, ISO 27031 ICT Continuity Best Practice, etc.)
  • Advanced knowledge in Risk Management (ISO27005, ISO 31000, MAGERIT, ISO 15408 Common Criteria CC , ISF Information Security Forum , NIST SP 800-30, etc.)
  • Advanced knowledge and experience in Regulatory Frameworks Implementation (ISO27001, ISO22301, ENS, LOPD, GDPR, EU NIS Directive, EPCIP, PNPIC, etc.)
  • High technical knowledge of GRC Tools, Network & Endpoint Devices, Security Monitoring, SIEM Technologies, Vulnerability Assessment & Management Tools, Pentesting.
  • Basic technical knowledge of Inventory Technologies, BI & Big Data Security Analytics.
  • Development of executive presentations.
  • Security Certifications (CISM, CISA, CISSP, CGEIT, CRISC, SANS / GIAC*, CCSP, OCSP or similar) SPECIFIC SKILLS : Solid knowledge of Telefonica organization and able to work smoothly with different managers around the world in different units.
  • Project management : Planning, prioritization, risk management and senior Stakeholders management.
  • Excellent oral and written communication with synthesis capacity for executive presentations.
  • Focus on results.
  • High capacity to handle situations under pressure.
  • Teamwork.
  • Ability to coordinate different variables at the same time.
  • Negotiating attitude
  • TECHNICAL KNOWLEDGE : Advanced knowledge of Governance, Risk & Compliance (GRC) Tools (e.g. GesConsultor, SandaS GRC, RSA Archer, MetricStream, etc.)

  • High knowledge of NMS / SIEM Technologies (e.g. Nagios, Zabbix, PandoraFMS, Sensu , RSA, AlienVault, Splunk, LogRhythm, QRadar, etc.).
  • High knowledge of Big Data Security Analytics, Graph Analytics & Business Intelligence Tools (e.g. LogTrust / Devo, MongoDB, Neo4j, ArangoDB, Qlik, Tableau, Microsoft Power BI, etc.)
  • High knowledge of software and standard Information Security Tools.
  • Basic knowledge of ITSM / CMDB / Inventory Technologies (e.g. CMDBuild, BMC Remedy Atrium Discovery, Microsoft SCCM - Intune, GLPI, OCS Inventory, OTRS, etc.)
  • PROFESSIONAL EXPERIENCE : 2 years in similara position and responsabilities. LANGUAGES : English-

  • Fluent- both writing and speaking in this language will be conducted on an on-going basis.
  • Spanish-

  • Fluent- both writing and speaking in this language will be conducted on an on-going basis.
  • Portuguese-

  • Useful (it will be positively evaluated)
  • If you join Telefónica

    You join almost 100 years of history, you join a team of 106 nationalities present in more tan 35 countries. You join a team that works to connect people wherever they are.

    We are leading the digital revolution with the enthusiasm of the first day in all our businesses, creating the best digital ecosystem for our clients : network, IoT, cloud, security, innovation etc.

    Here, at Telefónica you count with everything you need to be the best you. We need people like you that wants to take this challenge of creating the Telefónica of tomorrow.

    WeChooseEveryone

    Our diversity makes us stronger and competitive. There is a place for everyone as we are. At Telefonica we work over 125.

    000 people from 106 different nationalities, seize and this opportunity. We choose it all and yes, we choose everyone.

    Job Segment : Telecom, Telecommunications, Information Security, Corporate Security, Technology, Security

    Inscribirse
    Añadir a favoritos
    Eliminar de mis favoritos
    Inscribirse
    Mi Correo Electrónico
    Al hacer clic en la opción "Continuar", acepto que neuvoo recolecte y procese mis datos de conformidad con lo establecido en su Política de privacidad . Tengo derecho a darme de baja o retirar mi autorización en cualquier momento.
    Continuar
    Formulario de postulación