Chief Information Security Officer CISO

CISO Location: Valencia Spain As our CISO you will develop and implement comprehensive security strategies policies and procedures aligned with industry best practices and regulatory requirements. You will work closely with crossfunctional teams to identify risks devise preventive measures and ensure compliance with relevant infrastructural and cybersecurity regulations. Hierarchy and interaction Reports to Group CEO In interaction with all departments at global level Key

Responsibilities :
1. Risk Management and Regulatory Compliance: o Evaluate and mitigate cybersecurity risks. o Ensure the organization complies with applicable security regulations and standards.
2. Network and Systems Security Monitoring: o Monitor IT infrastructure for threats and vulnerabilities. o Implement security measures such as firewalls IDS/IPS and malware detection systems.
3. Security Planning and Strategy: o Develop and update security policies and procedures. o Define the organization's longterm security strategy.
4. Security Incident Response: o Coordinate and monitoring the response to security incidents such as cyberattacks or data breaches including investigations root cause analysis and developing corrective action. o Minimize the impact and restore normalcy as soon as possible.
5. Education and Awareness: o Train staff in secure IT practices and raise awareness of the importance of security. o Foster a culture of safety throughout the organization.
6. Collaboration with Other Departments: o Work with development operations and other teams to integrate security into business processes. o Collaborate with the legal team on privacy and compliance issues.
7. Promote security awareness and training activities in their area of responsibility.
8. Responsible for ISO () ISO de Security and continuity (ISO 27001 y 22301) and ENS Audits.
9. Customers and Supplier Approvals Homologations
10. Establishing and maintaining strong relationships with external stakeholders such as regulatory bodies law enforcement agencies and industry associations.

Requirements :
7 years of experience in a senior security management role
Demonstrable track record of developing and implementing security strategies and frameworks.
Excellent knowledge of applicable laws regulations and industry standards related to infrastructure security in an organization.
Knowledge and experience of the ETSI technical standards applicable to Trust Service Providers according to the eIDAS regulation
Knowledge on requirements of the National Security Scheme ISO standards related to information security and the NIS2 Directive are required.
Certifications such as CISSP CISM or CRISC. Language Skills: Proficiency in English and French is required.