Cybersecurity Analyst (Barcelona)

Barcelona - España 25/03/2020

Descripción de la oferta de empleo

Hays is collaborating with the main Spanish multinational listed group.

Our client Fluidra is the global leader in the pool and wellness industry. Founded in 1969, the company has long-Standing experience in developing innovative products and services in the global residential and commercial pool market.
Fluidra operates in more than 45 countries through its subsidiaries and have more than 135 sales offices and 30 production centers around the world, in addition to strategically distributed logistics platforms that support their production and distribution centers.
This global platform enables Fluidra to distribute a great variety of versatile products by adapting to the peculiarities of each region, pool and customer.

What You Will Contribute:

- Perform continuous Network and Application Security vulnerability assessments.
- Contribute to the maintenance and enforcement of corporate security policies, standards, procedures, and guidelines.
- Monitor and verify the effectiveness of security controls, analyse data, trends, and ensure compliance.
- Be a Security advisor for the development teams regarding the software development life-cycle (SDLC) end-to-end, and for the Global IT Infrastructure teams regarding controls and best practices.
- Support in the definition of Application architecture, and controls for new projects.
- Assist, create, and maintain written documentation for processes and procedures within the Cybersecurity team.
- Support the different teams with vulnerability management and risk mitigation.
- Perform Incident management and forensic investigations.
- Contribute to the threat hunting activities, identifying threat vectors, and performing threat management and threat modelling.
- Operate internal threat intelligence Security platforms and technologies.
- Design and run Red and Blue team tabletop exercises.
- Select Training materials, create communications to increase Security awareness and perform Phishing Campaigns.

What we seek:

- At least 3 years of experience with an information security team.
- Penetration testing & Incident response experience (Red and Blue team).
- Good knowledge of information security landscape, cloud security solutions, and current and emerging security threats.
- Experience in designing network & application Security controls, performing threat analysis and Security risk assessments.
- Knowledge of existing Security standards and frameworks: OWASP, NIST CSF, CIS Controls, MITRE ATT&CK.
- Good understanding of OWASP Top 10 and OWASP IoT Top 10 vulnerabilities, and best practices for mitigation.
- Experience with IoT Security, IoT architectures and best practices.
- Knowledge of penetration testing and SAST & DAST tools, and methodologies.
- Experience working with distributed teams.
- Excellent communication skills and ability to work in a fast paced, dynamic environment.
- CISA, CISSP, OSCP, OSCE certifications are a plus.

Datos principales de la oferta

¿No tienes cuenta en

Regístrate como candidato en y vincula tu CV a las ofertas de empleo.

Crea tu cuenta gratis