Consultant

Technical knowledge required: Development Security, Cloud, Artificial Intelligence, Security Architecture. Soft skills: Prepare presentations, synthesis skills, research skills. Support in the materialization of the SSDLC strategy (attending follow-up meetings, identifying pain points, listing next steps, preparing situation presentations, proposing process drafts, etc.) and Security in Al (researching aspects of the implementation of the SSDLC strategy (attending follow-up meetings, identifying pain points, listing next steps, preparing situation presentations, proposing process drafts, etc.) Job Description: 1. Knowledge of deployment tools and automations GitHub, Ansible, terraform, jenkins... 2. Knowledge of SSDLC tools such as SAST (Fortify), ImageScanning (Sysdig), SCA (Sona Type), and Threat Modeling (IriusRisk). 3. Knowledge about vulnerabilities and different security elements such as CVE's 4. Knowledge of security frameworks such as NIS2 5. Knowledge of safety regulations such as ISO27001 and ENS 6. Knowledge in the monitoring of Posture Management and Compliance of deployed elements. 7. Ease of reporting based on compliance data. Daily tasks although in reality there are many meetings where all the tasks are taken out of Cyber and we put our vision as CISO Meeting with the CISO team. Review of blocked to-dos by CISO. Review asset compliance levels and pursue the teams with the worst numbers. Attendance at numerous CISO committees. Review of the Global CISO strategy and its alignment with the different teams/entities. Preparation of miscellaneous reports and meeting minutes.