GF_IT-E484
Information Security Analyst - Full Time - Madrid, Spain
Sulzer is a leading engineering company with a proud heritage of innovation. Join our global team to grow your expertise and develop innovative solutions that enable a prosperous and more sustainable society.
Are you a cybersecurity enthusiast with a passion for making a meaningful impact on a global scale? Join our global IT Security Team (CISO Office) as an Information Security Analyst and play a pivotal role in fortifying our digital fortress. At Sulzer, we believe in fostering innovation and excellence, and we are on the lookout for a talented professional to contribute to our dynamic cybersecurity landscape.
Your main tasks and responsibilities:
• Collaborate on the design, implementation, and maintenance of our cutting-edge Information Security Management System (ISMS).
• Contribute to the development and management of security policies, standards, guidelines, and procedures. Work closely with our CISO on policy exceptions, security tickets, and changes.
• Ensure compliance with security directives based on the NIST Cybersecurity Framework through continuous monitoring of our expansive IT landscape.
• Take charge of the information security risk assessment and control framework, aligning it with industry standards.
• Support cybersecurity audits and assessment from different customers or legal entities.
• Play a key role in disaster recovery reviews, ensuring our systems are resilient and can withstand unforeseen challenges.
• Engage in reviews of vendors, suppliers, as well as contracts, data flow diagrams and questionnaires to guarantee alignment with security standards.
• Conduct Gap analysis (framework vs directives, regulations) to prioritize security initiatives.
• Support and conduct vulnerability scans, reviews, to design remediation plans with the involved stakeholders.
• Collaborate with executives to prioritize regional or global security initiatives, cybersecurity awareness and training plan and applying risk management methodologies.
To succeed in this role, you will need:
• A Bachelor’s degree in Computer Science or relevant field experience.
• Minimum of 5 years of working experience, with a proven track record of effective collaboration between IT and Business stakeholders.
• Strong knowledge of Information Security, Risk Management, NIST Cybersecurity Framework and Controls, Directives and other standards (ISO 27001, ISO 22301, IEC 62443)
• Proficiency in Windows-based operating systems and networks, with the ability to analyze security issues.
• Demonstrated ability to analyze, triage, and escalate security incidents. Good understanding of the current threat landscape, including common attack types and malware capabilities.
• Excellent communication skills in English.
• CISSP, CEH, or equivalent certifications are highly desired.
What we offer you:
• A competitive salary as well as participation in the variable remuneration system based on personal and financial objectives.
• Restaurant tickets.
• Permanent contract.
• Accident insurance.
No visa or work permit support can be provided for this role
Sulzer is an equal opportunity employer. We believe in the strength of a diverse workforce and are committed to offering an inclusive work environment.
We are proud to be recognized as a Top Employer 2024 in Brazil, China, Germany, Switzerland, the United Kingdom and the United States.