Red Team Lead (Data Security)

Spektrum supports apex purchasers (NATO, UN, EU and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.

Who we are supporting

Spektrum are supporting a tier 1 supplier of personnel and services to international Organisations, with more than 2,500 experienced professionals deployed, and active engagements in more than 28 countries spanning 5 continents.

Our support to this client ranges from headhunting, temp and temp to perm personal for both our client and their end clients needs.

Background

The role will be embedded within an International Organisations Global Service Center Base in Valencia serves as a key operational and logistical hub for international missions aimed at maintaining peace and providing humanitarian aid. Located in Spain, this center complements the efforts of its counterpart in Brindisi, working collaboratively to ensure comprehensive support for missions worldwide.

The Valencia base is particularly focused on information and communication technology services. It manages critical IT infrastructure, cybersecurity, and data management systems that are essential for the coordination and execution of global missions. This includes maintaining reliable and secure communication networks, developing and implementing innovative technological solutions, and providing technical support to field operations.

By handling these complex and crucial aspects of mission support, the Valencia base ensures that international operations can rely on robust and efficient technological frameworks. This enables quick and effective responses to crises, enhances coordination among various stakeholders, and supports the overall objectives of global peacekeeping and humanitarian initiatives. The center's dedication to excellence and continuous improvement makes it an integral part of international efforts to address global challenges.

Role Duties and Responsibilities  

You will be responsible for supporting the Global Cybersecurity Strategy, in the area of Information Security and Risk Management including application security, data security, threat, vulnerability, risk, and compliance management 

• Create, implement, and manage cybersecurity Red Team function and processes; 
• Create, implement, and manage incident response function, processes, procedures, training, and playbooks; 
• Improve maturity level of data security to the defined higher level; and measure and report the progress regularly by developing Key Performance Indicators (KPI)/metrics for performance and risk monitoring; 
• Contribute to the review, consistent implementation and compliance-monitoring of client-wide information security policies, operating procedures standards, and guidelines; 
• Coordinate and/or support security audit requests and track follow up on recommendations (including FISMA/NIST 800-53 controls, ISO 27001); 
• Participate actively in the implementation of the Global Cybersecurity Strategy, including the support of awareness-related activities and coordinating global workshops/webinars; 
• Monitors and audits information security controls while measuring results and responding to new risks. Gathers, develops and organizes evidence for security audit; 
• Conduct various threat, vulnerability, risk and compliance assessments; 
• Assist in investigation and audit; 
• Provide advice to requests/tickets related to data security, rotation and access; 
• Provide advisory to support decision-making activities related to information security topics; 
• Perform such other duties as may be assigned. 

Essential Skills and Experience 

• Extensive experience in building a cybersecurity offensive team (RED TEAM); 
• Extensive experience in compliance and risk management; 
• Extensive experience in creating and implementing test cases and test plans; 
• Extensive experience in all aspects of application/data security (definition, implementation and validation); 
• Extensive experience in simulating cyber-attacks and data breaches; 
• Experience defining security strategies aligned with business and strategic objectives. 
• Strong interpersonal skills; 
• Solid organization and document, project management; 
• Strong investigative skills; 
• Strong ability to continue to learn and grow; 
• Basic knowledge of reporting tools (e.g., MS Excel, Power BI, Power BI Report Builder); 
• Ability to translate technical security vulnerabilities into business risk/impact to applications; 
• Demonstrated skill in creating security policies and procedures based on ISO27001, NIST 800-53 and Computer Information System (CIS) controls; 
• Strong analytical and problem-solving skills and proactive thinking skills; 
• Able to articulate complex, technical concepts to non-technical audiences; 

Education 

• Bachelor’s degree in computer science, information systems, mathematics, statistics or related field from an accredited academic institution with two years of relevant professional experience; or a University degree in the above fields with four years of relevant professional experience. 

Desirable Certifications 

• Professional certification such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Chief Information Security Officer (CCISO), Certified Secure Software Lifecycle Professional (CSSLP), Certified Secure Web Application Engineer (CASE), Certified Secure Web Application Engineer (CSWAE), Governance, Risk, and Compliance Professional (GRCP), Certified Ethical Hacker (CEH), or related will be a distinct advantage in addition to cloud computing certifications at associate/professional/specialty level from Azure and/or AWS. 
• Information Technology Infrastructure Library (ITIL) and Prince2 Foundation are added advantages 

Language Proficiency

• Business English

Working Location 

• Valencia, Spain 

Working Policy 

• On-Site