Digital Security Specialist
Consultant Luís Cespedes
Date posted 1 de marzo de 2017
We are seeking a Digital Security Specialist to join the Barcelona based team.
This position will play a pivotal role in ensuring the security and compliance of new Digital solutions implemented across the company's businesses. Specifically you will assist the company's Digital Services Unit (“DSU”) in securing their solutions in the areas of Web and mobile applications (inc. eCommerce), Omni-channel, Personalized Consumer Experiences and emerging areas such as Internet of Things (IoT) and virtual/augmented reality. The DSU is co-located in Barcelona.
The Digital Security Specialist will conduct systematic security assessments of the company Digital's Solutions (including Web Sites, Mobile and Social Media Applications, Cloud Solutions and associated infrastructure) to identify security risks. Provide advice to the DSU and business to mitigate the security risks and validate compliance with the company’s security standards and potentially industry best practices and standards.
- Ensure new Digital solutions are implemented "Secure & Compliant by Design".
- In conjunction with the company’s Security Operations Center ("SOC") provide an incident investigation and response service for the company's Digital Assets and Solutions.
- Whilst the Digital Security Architect will report administratively to the Regional Security Manager, functionally they will report to the Digital Security Integration Lead.
Your responsibilities will be:
Digital Solution Security Assessments
- Identify and report security risks, non-compliance issues and/security breaches or intrusions, relating to the company’s Digital Assets/Solutions, including Web Sites, Mobile and Social Media Applications, Cloud Solutions and associated infrastructure.
- Risk based security control recommendations for new solutions developed and/or deployed by the Digital Services Unit, GLOBE Technology Solutions or Business Solutions teams.
Digital Solution Security Compliance inc. Reporting
- Analysis and follow-up with the DSU and Markets to ensure Digital Asset vulnerabilities are remediated in a timely manner.
- Support the DSU, the company’s Markets and other functions in scope with internal and external audits on security related topics. Leverage findings and audit checks from one unit into the others and act upon audit findings.
- Analyse and investigate Digital Security Incidents & Events, ensure root causes are identified and vulnerabilities addressed.
Digital Security Capability Development
- Conduct Knowledge Transfer to assist the DSU, Markets and Digital Agencies in understanding the company’s Digital Security Standards and solutions.
- Analyse Digital Security Vulnerabilities, Incidents & Events and associated Metrics to develop training materials and KT sessions to drive continuous improvement.
- Cultivate continuous improvements in Digital Security; this may be achieved using Focussed Improvement methodologies
With a minimum Bachelor's degree in Computer Science, Management Information Systems, Business Administration, Engineering or related discipline with at least 5+ years experience in an IS/IT Security discipline, it will be desirable to count with at least one certification among the following: CISSP, CCSP, GWAPT, GPEN, OSCP, LPT, ECSA, CPT, CEH or PCI.
Being part of a global environment, counting with a fluent oral and written English is a must.
It is also a requirement to count with at least 5+ years experience in the assessment of vulnerabilities on Web Sites, Mobile and Social Media Applications, Cloud Solutions and associated infrastructure, ISMS or Risk Management Experience and also experience in Project Management.
You should also be able to write professional assessments and communicate technical issues in non-technical terms, both orally and in writing, count with a positive and ‘Can-do’ attitude, count with Willingness to continually update IT skills and knowledge, be structured and process oriented, analytical, pragmatic and flexible, be also deliverables focused, time bounded and also be good on your personal time management.
The company offers you the opportunity to be part of an innovation and challenging team in a worldwide FMCG company with international exposure and being in continuous contact with most innovative emerging technologies.
If you consider yourself the perfect professional to address this challenge, do no hesitate to apply for this position.