Empresa:

Decskill

Descrição da Função

Decskill was founded in 2014 as an IT Consulting Company and their main mission is to delivery value through the knowledge. We enable companies to meet the chalenges of digital world by providing our clients with business models that ensure technological capacity, flexibility and agility. We are more than 500 consultants with offices in Lisbon, Porto and Madrid.

DECSKILL operates in 3 main areas:

• DECSKILL TALENT, through which we provide our clients with an extension to their IT teams;

• DECSKILL BOOST, through which we provide our client with software development models to increase capacity and optimize Time-to-Market, where we create and manage teams that deliver according to their needs, at the desired speed;

• DECSKILL CONNECT, through which we provide our client with consulting services, as well as the implementation and management of information technology infrastructures.

Our practice results in the creation of value for our customers, either by delivering qualified and value-added services, or through highly qualified and motivated professionals, as well as technology solutions that allow us to operate and transform the business of our customers.

We are looking for an Cyber Security Expert!

Responsibilities:

APPLICATION SECURITY

• Ensure the effective implementation of Secure SDL including the DevSecOps and Threat modelling practices.
• Identify and implement the latest security standards for internet facing and internal assets
• Improve the Vulnerability Management at the application level in terms of efficiency as well as effectiveness (including Static Acceptance Security Testing.
• SAST, Dynamic Acceptance Security Testing DAST and Software Composition Analysis " SCA).
• Perform Security risk assessments and reviews to be presented to respective committees.
• Ensure the adequate security level for all WM GAIM applications, whatever the IT project manager s location and hosting provider

IT SECURITY COMPLIANCE

• Ensure the alignment with the Group and WM GAIM security policies, for both project and production assets.
• Ensure the protection of WM business data with an adequate security level of WM assets, based on project assessment and production review processes.
• Ensure the compliance with regulatory bodies requirements, including for APAC (HKMA, MAS, FSC), EU (DORA), Switzerland (FINMA).
• Leveraging on a deep knowledge of Security standards such as NIST, CIS, ISO2700x, ensure the compliance with the IT security requirements.
• Ensure the compliance with the Third-party Technology risks and Cloud security Identify the process gaps and provide solutions.

CYBER SECURITY

• Ensure the coordination with other IT security or other actors in the region or globally.
• Assist for a Risk Treatment for any WM issue, based on the processes.
• Identify the IT security risks in advance, record and follow-up them.
• Define and contribute to processes from cybersecurity perspective.
• Periodic reporting of security status to WM IT Domain Head and security champion.
• Ensure the regular reporting for management follow-up.
• Handle Cyber alerts & Incident by investigating and following with handlers until the issue is closed.
• Ensure to onboard the Assets & Applications in SIEM and handling BAU, create / update relevant documents.

PRODUCTION SECURITY

• Ensure the effectiveness and success of vulnerability management process.
• Ensure the compliance level of the production environment and integrate to reporting.

Requirements:

• Bachelor's degree in Computer Science, Engineering, or a related field;
• Minimum 5+ years of hands-on experience.
• Application Security experience.
• IT Security experience.
• Compliance experience.
• Cyber Security experience.
• Incident Management experience.
• Vulnerability Management experience.
• Excellent problem-solving skills and a proactive approach to addressing challenges;
• Ability to adapt to different contexts, teams, and Clients;
• Teamwork skills but also a sense of autonomy;
• Motivation for international projects and ok if travel is included;
• Willingness to collaborate with other players;
• Strong communication skills.
• Proficiency in English;
• Availability to be onsite at Client's office in Porto 2x per week.

If you're interested in this job, please send your CV to with reference "CA/Cyber".

Thank You!

Decskill is committed to equality and non-discrimination with all our talents. We recruit and promote talent, based on diversity and inclusion, regardless of age, gender, ethnicity, race, nationality or any other form of discrimination incompatible with the dignity of the human being.

Observações

Lisboa (Portugal)