Devoteam Cyber Trust | GRC Consultant (Business Continuity & Operational Security Manager) | Banking Sector

Devoteam Cyber Trust is seeking a dedicated Information Security Specialist to ensure the implementation of strategic security guidelines as defined by the second line of defence. 

The successful candidate will be responsible for defining and documenting contingency procedures aligned with business continuity principles, ensuring the resilience and security of our technical infrastructure.

• Elaborate manuals and procedures for the Systems and Telecommunications Department, ensuring alignment with Information Security Policies and validating their practical implementation.

• Guarantee the rigorous management and updating of implemented security control records.

• Participate in technical architecture reviews for the implementation of new solutions, ensuring the validation of security configurations.

• Ensure the implementation of security requirements in Systems and Telecommunications projects, in compliance with defined standards.

• Maintain the Business Continuity Plan (BCP), including prevention, response, and recovery strategies.

• Perform Business Continuity Plan and Disaster Recovery Plan exercises, producing reports that document results and propose improvements.

• Record identified incidents, risks, and deviations, ensuring the preparation and delivery of regular reports.

• A Master’s degree in IT Engineering, Information Security, or a similar field.

• A minimum of 3 to 5 years of professional experience.

• Training in Cybersecurity and/or Security Management.

• Proven knowledge of DORA regulations and ISO 27001:2022.

• Formal training in ISO 22301 and business continuity management.

• Excellent organisational, analytical, and problem-solving skills.

• Strong sense of ethics, integrity, and responsibility.

• Excellent communication and teamwork skills.

• Fluency in written and spoken English required.

Nice to Have:

• Relevant certifications such as ISO 27001, ISO 27005, ISO 22301, ISO 31000, CISSP, CISM, CRISC, CISA, or similar are highly valued.

• Proficiency in SpanDish.

• Active participation and contribution to GRC, cybersecurity, and DORA-related communities, forums, or professional networks.

The Devoteam Group works for equal opportunities, promoting its employees based on merit and actively fights against all forms of discrimination. We are convinced that diversity contributes to the creativity, dynamism and excellence of our organization. All of our vacancies are open to people with disabilities.