Descripción de la oferta
Senior Security Consultant
La información a continuación detalla los requisitos del puesto, la experiencia esperada del candidato y las cualificaciones correspondientes.
Project context
Project Details
Location: Madrid
Work mode: Hybrid (1 day on site)
Start date: ASAP
Duration: 6 months
Language: English (mandatory)
Project Summary
Within a Group Information Security team, as part of a strategic security program (2024–2026), the mission is to provide technical expertise on a "Minimum Technical Security Baseline" (MTSB) project.
The role involves defining technical security baselines with product SMEs, supporting implementation and remediation of security controls, and preparing follow‑up materials for governance committees.
The service will be delivered under the management of an Information Security Lead in charge of MTSB.
Main Responsibilities & Key Activities
Define or update MTSB baselines.
Select relevant CIS Benchmark controls or fine‑tune new controls to address identified risks.
Organize workshops with product SMEs to refine security controls (applicability to context, impact analysis for measurement/remediation).
Validate selected controls within a Control Implementation Working Group together with product teams and entities.
Update the MTSB framework with revised baselines.
Provide follow‑up inputs for steering committees.
Support product teams and entities on MTSB baselines.
Contribute technically with IT and security product SMEs to agree on security controls.
Participate in governance bodies to converge on security control selection.
Ensure close and accurate follow‑up of a large security controls framework (+100 high‑level controls and several thousands low‑level controls).
Experience Required
Senior Security Consultant level.
8+ years of expertise in IT operations and security.
Proven expertise in CIS Benchmarks and technical security baselines. xcskxlj
Experience working with IT and security product environments.
Expected skills
Governance participation and control validation – Confirmed
Technical security baselines definition – Expert
Security hardening of systems – Expert
Qualys expertise – Expert
CIS Benchmark expertise – Expert
IT operations and security experience – Expert
Overview of IT and security technologies (server, workstation, network, mobile, access control, AV/EDR/proxy, cloud, M365, patching) – Confirmed
#J-18808-Ljbffr
