IT Security Associate
EcoVadis
- Barcelona
- Permanente
- Tiempo completo
- Active support on security questionnaires, contract reviews and client meetings.
- Define and conduct security reviews (technical and compliance checks) of our network, systems and platforms, and track the remediation of any identified gaps.
- Coordinate and organize evidence gathering for certification testing and audits.
- Delineate and execute a control testing strategy to comply with internal IT Security framework compliance, standards, and other applicable regulations.
- Establish and collaborate in the creation and maintenance of security guidelines for multiple technologies (e.g. SASE solutions, security baselines, etc.)
- Perform security reviews on SaaS applications used internally, and establish a formal process of application sanctioning and periodic review.
- Manage and lead improvements in the resiliency of non-cloud environments and operations (DRP, Backups, Domains, Incident Response).
- Maintain the security posture of our external surface, and manage issue remediations as necessary.
- Ensure proper documentation, configuration and operation of our security protective measures, and ensure that necessary fixes are planned and executed.
- Develop reports, dashboards and other mechanisms to report on project tracking, remediation progress, and other domains that require continuous follow-up.
- Promote an IT Security culture, and collaborate with the team in the creation of articles, FAQs, and documentation related to security awareness and training.
- Advocate for continuous improvement and automation wherever possible.
- Assist with other organization security projects and tasks as required.
- 2+ years of experience in a similar role in a relevant software or internet service industry,
- Minimum Bachelor of Science degree in Computer Science, Computer Engineering, or a related technical field,
- High level of independence and proactivity. The ideal candidate will be capable of taking initiative, identifying opportunities for improvement, and driving projects forward without constant supervision.
- Strong experience in designing and implementing security guidelines and mechanisms to check adherence to such standards,
- Experience in conducting manual and/or automatic security compliance reviews,
- Good knowledge of IT Security frameworks (e.g. ISO 27001, NIST 800-53, etc.),
- Managing and prioritizing multiple tasks in accordance with high level objectives, and anticipating and addressing challenges as they arise.
- Strong foundation in information security, security engineering, network security, authentication and security protocols, access controls, etc.,
- Experience with engaging external stakeholders (e.g. clients) regarding security protection methods, and agreeing on contractual clauses,
- Educated in the creation of reports and dashboards for different technical and executive stakeholders,
- Ability to conduct research about areas unknown to him/her, and use that knowledge to deliver security guidelines and propose improvements,
- Capacity to be organized and efficient handling diverse tasks simultaneously,
- Ability to adapt and thrive in a fast-changing environment,
- Open to work in an international, multilingual environment,
- Proficient in English (oral and written).
- French language proficiency is an asset,
- Hands-on experience with Google Workspace is a plus.
- Casual and very friendly work environment Hybrid work organization (from the office or from home)
- Hybrid for colleagues who live near our offices (4 days per month)
- Flexible working hours
- Home office allowance program IT equipment allowance
- Working from anywhere policy (3 months per year)
- Opportunity to work in a truly international atmosphere
- Base salary + variable compensation plan
- Meals and Transportation Vouchers (Cobee card)
- Health, Wellness, and Dental Benefits
- Employee referral bonus policy
- Paid employee volunteer day Paid moving day ( 1/year)
- Access to online learning library Virtual and in-person team building events
- Co working space with various services + opportunity to work in different locations (Europe and International)