Position
Cyber Security Manager
PT, Lisbon
- Permanent
- Digital
- Product & Engineering
We are looking for someone to drive the implementation of security controls across all organization, including corporate and client facing environments,drive security best practices and guarantee secure data management and general security best practices across teams. This will be a senior role working cross-functionally and partnering with Product & Engineering, IT and all functions of Efficio.
Key Responsibilities:
- Ensure security processes are implemented and in place across all our tools and systems.
- Work with all stakeholders to instil a positive security culture within the organisation
- Implement suitable controls to protect and manage data globally.
- Agree and implement Security Road Map for the global organisation.
- Run the Security Operations Centre.
- To analyse various methods of controlling information security problems, determine the strengths and weaknesses of each method and implement the suitable solutions.
- Performs security assessments or audits of internal networks and systems.
- Manage relevant third-party suppliers and vendors to support security practices
- Lead the threat and vulnerability management (TVM), network security, code security, and technical security assessments of vendors, tools, and projects.
- Work closely with product teams, namely,developers, data engineers, and data scientists to promote best security practices.
- Stay up to date with the latest cloud security trends and make recommendations for continuous improvement.
Skills & Experience Required:
- Bachelor’s degree in computer science, information systems, cybersecurity, or a related field preferred.
- 5+ years of experience in cloud security, with hands-on experience in M365 / Azure / AWS;
- Experience working with security concepts in a hybrid cloud environment.
- Experience in SOC, Sentinel and Security functions.
- Hands on experience in managing an enterprise vulnerability management program.
- Strong understanding of cloud security concepts, including IAM, network security, encryption, and secure cloud configurations.
- Knowledge and experience in the areas of M365 Security, Application Security, Data Security, End Point and Mobile Security, and Infrastructure and Network Security.
- Knowledge of security frameworks and standards, such as NIST, ISO/IEC 27001 and OWASP.
- Experience ensuring controls are implemented/automated into the SDLC.
- Ability to translate security-related matters into business terms that are clear and understandable to executives.
- Able to navigate a demanding and high-pressure environment.
- Can think strategically and incorporate business needs into technical roadmaps.
- Ability to work autonomously and to spearhead initiatives.
- Excellent communication and interpersonal skills.
- Good verbal and written communication skills in English.
Wen wir suchen:
Bonus Points:
- Have Microsoft Cybersecurity Architect or AWS Certified Security – Specialty certifications.
- Have CISSP, CISM, GSLC, GPEN, or other security certifications.
- Experience with other Cloud providers namely Oracle Cloud;
- Hands-on experience with IaC tooling such as Terraform;