Senior Information Security & Privacy Manager Madrid, Community of Madrid

Our client is seeking a Senior Information Security Manager to advance the security posture of their systems and endpoints globally. This role will develop, manage, and lead strategies, programs, tools, frameworks, and policies, as well as provide technical oversight, control, and governance activities for the information security and data privacy programs. This candidate should be an innovative and strategic thinker with an open and collaborative style that fosters teamwork and provides achievable risk-reduction solutions that meet the company's mission, goals, and objectives.

Responsibilities:

• Lead the development and oversight of required corrective action plans relating to security risks and compliance requirements.
• Implement procedures and methods for auditing and addressing non-compliance to information security standards.
• Undertake and lead regulatory readiness assessments and development of appropriate strategies.
• Evaluate information security and privacy risks of key technology security initiatives within the context of jurisdictional requirements.
• Investigate and resolve privacy incidents related to customer personal data.
• Provide leadership in executing and expanding on the strategy of the Head of IT Security (CISO).
• Lead ICS, OT, and IoT security projects and provide topic subject matter expertise.
• Advise senior management (e. g. , CISO) on cost/benefit analysis of security programs, risk levels, security posture, policies, processes, systems, and elements.
• Develop and govern the third-party service provider/vendor risk management program.
• Coach and mentor associates on matters related to information security and data privacy practices.

Requirements:

• Bachelor of Science or higher in Management Information Systems, Information Security, Computer Science, Information Technology, or related field (or equivalent experience)
• 5-8+ years leading/managing information security and privacy projects and teams
• Highly Experienced - 10+ years
• Required certifications: CISSP or CISM, Issuer ISC2 or ISACA
• Preferred certifications: CIPP/US or E, Issuer IAPP
• Experience adopting and implementing risk management, cyber security, and compliance frameworks (e. g. , ISO 27000-series, NIST-CSF, Swiss Data Protection Act, EU GDPR, GxP)
• Outstanding oral and written communication skills in English. Business fluency in German would be desirable.

If you are interested in this exciting opportunity, please submit your CV. Our client is an equal opportunity employer and welcomes all qualified candidates to apply.

Alternatively, please feel free to reach out to me via jessica. thompson(at)glocomms.com.