Empresa Multinacional, está en búsqueda del siguiente de "Central Cybersecurity Engineering Manager"

Es hibrido en Monterrey

100% nómina mas prestaciones superiores

Inglés fluido

Adapt the Information Security management in Central based on the guidelines definition and apply the global methodologies. Ensure the correct classification of assets, processes, and applications and set the security measures to protect the assets. Also, this area ensures the security of Infrastructure and Architecture, applies the security baselines, and monitors the IAM level of compliance 

Criticality classification of process /application /asset and information assets

- Classify and categorize the criticality of processes, applications, and information assets based on the global criteria

- Establish an inventory with the information required by the global area and ensure its classification

- Report the status of the quality level of classification of the processes, applications, assets, and information assets, based on the criteria established by the global area

Information Security

- Apply the Global Information Security management framework ensuring the confidentiality, integrity, and availability of information and its related assets. The regions should:

   - Apply the global methodology to classify the critical processes /applications/information assets based on their impact determined by the framework (confidentiality, availability, and integrity)

   - Establish the measures to ensure the protection of the assets based on their classification

Infrastructure & Architecture Security

- Apply the security standards established by the global area in the regional technological Architecture

- Apply the security solutions and measures established by the global area in projects of technological Infrastructure

- Report the situation to the global area

Applicative Cybersecurity

- Apply the security baselines established by the global area within the region (servers, databases, applications…)

- Report the level of the baseline's implementation to the global areas

Identity and Access Management

- Adopt and apply the global guidelines and standards of the Access and Identity Management Systems

- Integrate the applications in IAM tools, Password Management, Privileged Users, etc.

- Report the situation to the global area

Education and Experience

- Bachelor's degree in Information Security, Computer Science, Management of Information Systems or related field  

- Master's degree in security/engineering, computer science or business information systems is preferred

- Full professional proficiency in English and Spanish      

- 6+ years of multi-disciplinary Information Security and Information Technology experience

- Vendor independent security certifications (e.g. CISA, CRISC, CISSP, CEH, ...)

- Strong understanding of common best practices, frameworks and regulations (NIST 800-53, ISO 27001, CIS, etc.) 

- Demonstrated experience in Cyber Security risks, follow-up on risk treatment plans and monitor their implementation, learn from problems and identify potential for improvements

- Demonstrated track record of efficient, scaled delivery with small teams, directly taking on and providing deliverables with limited resources, including standing up capabilities ground-up

- Experience in vendor-related contract reviews and legal processes

Skills and Abilities

- Excellent verbal communication skills  

- Excellent customer service attitude 

- Well-developed problem-solving skills 

- Strong communication skills (written and verbal) allowing them to communicate with both technical and non-technical audiences

- Project management skills: financial/budget management, scheduling and resource management

- Broad knowledge across all relevant facets of a holistic, modern cybersecurity program, including strong understanding of current and emerging trends and threats 

- Ability to support comprehensive RFPs, addressing all compliance and regulations-related issues    

- Willing to travel when needed 

- Availability to solve unexpected incidents or problems related to the job position