Data Security Lead

Spektrum supports apex purchasers (NATO, UN, EU and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.

Who we are supporting

Spektrum are supporting a tier 1 supplier of personnel and services to international Organisations, with more than 2,500 experienced professionals deployed, and active engagements in more than 28 countries spanning 5 continents.

Our support to this client ranges from headhunting, temp and temp to perm personal for both our client and their end clients needs.

Background

The role will be embedded within an International Organisations Global Service Center Base in Valencia serves as a key operational and logistical hub for international missions aimed at maintaining peace and providing humanitarian aid. Located in Spain, this center complements the efforts of its counterpart in Brindisi, working collaboratively to ensure comprehensive support for missions worldwide.

The Valencia base is particularly focused on information and communication technology services. It manages critical IT infrastructure, cybersecurity, and data management systems that are essential for the coordination and execution of global missions. This includes maintaining reliable and secure communication networks, developing and implementing innovative technological solutions, and providing technical support to field operations.

By handling these complex and crucial aspects of mission support, the Valencia base ensures that international operations can rely on robust and efficient technological frameworks. This enables quick and effective responses to crises, enhances coordination among various stakeholders, and supports the overall objectives of global peacekeeping and humanitarian initiatives. The center's dedication to excellence and continuous improvement makes it an integral part of international efforts to address global challenges.

Role Duties and Responsibilities  

You will be responsible for supporting the Global Cybersecurity Strategy, in the area of Information Security and Risk Management including application security, data security threat, vulnerability, risk and compliance management. 

• Create, implement, and manage Data Security functions and processes; 
• Create, implement, and manage data loss prevention program including processes, procedures, training, and playbooks; 
• Improve maturity level of data security to the defined higher level; and measure and report the progress regularly by developing Key Performance Indicators (KPI)/metrics for performance and risk monitoring; 
• Contribute to the review, consistent implementation and compliance-monitoring of Client information security policies, operating procedures standards, and guidelines; 
• Coordinate and/or support security audit requests and track follow-up on recommendations (including FISMA/NIST 800-53 controls, ISO 27001); 
• Participate actively in the implementation of the Global Cybersecurity Strategy, including the support of awareness-related activities and coordinating global workshops/webinars; 
• Monitors and audits information security controls while measuring results and responding to new risks. Gathers, develops and organizes evidence for security audit; 
• Conduct threat, vulnerability, risk and compliance assessments; 
• Conduct data protection impact assessments; 
• Assist in investigation and audit; 
• Provide advice to request/tickets related to data security, rotation and access; 
• Provide advisory to support decision-making activities related to data security topics; 
• Perform such other duties as may be assigned. 

Essential Skills and Experience 

• Strong interpersonal skills; 
• Solid organization and document, project management; 
• Strong investigative skills; 
• Strong ability to continue to learn and grow; 
• Basic knowledge of reporting tools (e.g., MS Excel, Power BI, Power BI Report Builder); 
• Ability to translate technical security vulnerabilities into business risk/impact to applications; 
• Demonstrated skill in creating security policies and procedures based on ISO27001, NIST 800-53 and Computer Information System (CIS) controls; 
• Strong analytical and problem-solving skills and proactive thinking skills; 
• Able to articulate complex, technical concepts to non-technical audiences; 
• Strong English oral and written communication skills. 
• Extensive experience in building a data management process; 
• Extensive experience in data governance, compliance and risk management; 
• Extensive experience in creating and implementing a data loss prevention program; 
• Extensive experience in all aspects of application/data security (definition, implementation and validation); 
• Extensive experience in access control management; 
• Experience defining data security strategies aligned with business and strategic objectives 

Education 

• Bachelor’s degree in computer science, information systems, mathematics, statistics or related field from an accredited academic institution with two years of relevant professional experience; or 
• University degree in the above fields with four years of relevant professional experience. 

Desirable Certifications 

• Professional certification such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Chief Information Security Officer (CCISO), Certified Secure Software Lifecycle Professional (CSSLP), Certified Secure Web Application Engineer (CASE), Certified Secure Web Application Engineer (CSWAE), Governance, Risk, and Compliance Professional (GRCP), Certified Ethical Hacker (CEH), or related will be a distinct advantage in addition to cloud computing certifications at associate/professional/specialty level from Azure and/or AWS. 
• Information Technology Infrastructure Library (ITIL) and Prince2 Foundation are added advantages. 
• Microsoft Purview working knowledge is desirable. 

Working Location 

• Valencia, Spain 

Working Policy 

• On-Site