Mission

Perform the management of the audit processes supported by SGT minimizing the impacts on the organization and identifying improvement opportunities to obtain better audit results. Increase the awareness level of the organization in GDPR, cybersecurity and best practices.

Functions

Management of External and Internal Audits:

• Planning
• Process/evidence analysis and evaluation
• Interlocution with technical teams
• Agreement of recommendations with audit

Remediation of Recommendations:

• Definition of action plans and remediation proposal
• Monitoring of implementation
• Evaluation of the implemented solution

SOX Certification and ICM management.

Reporting

• Dashboards
• Report to management

GDPR: The DPO will report directly to the person in charge of Regulation & Awareness.

Awareness:

• Cybersecurity training plan
• Phishing campaigns

Requirements

• Bachelor’s degree or higher studies (computer science, telecommunications…)
• Certifications (CISA, CISM..)
• English Advanced

Experience

• At least 7 years of experience, 3 of them in a position in a similar organization.
• Experience in Project Management: Important general knowledge of systems technique and good knowledge/understanding of operating systems, data base, communications, backups, monitoring.
• Experience in direct dialogue with technical managers, with negotiation skills, people skills and attitude to deal with multiple areas, find the right interlocutors, etc. Extrapolation of results. International auditing standards and methodology (ISO27001, SOC1, SOC2, ITIL…)
• Experience in ITGCs. Experience in evaluation of IT environments (AS400, HOST, SAP, SSMM, BBDD, Network, SIEM, DDoS…)