Contrato
Descrição
- Security Strategy and Board Reporting: Security roadmap, KRIs/KPIs, risk register, executive reporting;
- MSSP/SOC Governance (Outsourced Services): SLAs, service reviews, continuous improvement, report and recommendation validation.
- ISO 27001 – Implementation, Certification, and Maintenance: ISMS, policies, control owners, evidence, audits, action plan;
- Policies, Standards, and Processes (Governance): Policies, technical standards, procedures, exception management;
- OT Security Oversight (Factories and Warehouses): Segmentation, monitoring, OT IR playbooks, industrial risk management;
- IAM/PAM and Access Governance (Systems and Data): Access reviews, SoD, privileged access, JIT/JEA, alignment with Entra;
- Application Security and Secure SDLC: Security requirements in Azure DevOps (pipelines, gates, code scanning, approvals);
- Data Protection (Classification, DLP, Retention): Taxonomy, DLP/Purview, retention, and access controls with Data Lead.
Requisitos
Bachelor’s or Master’s degree in Cybersecurity, Information Systems, or related field;
10 - 12 years of experience in Information Security;
5 years of minimum experience in Managerial or head-of-security positions;
Experience managing MSSP/SOC outsourced vendors;
Strong experience in designing security architecture across multi-country environments;
Experience with Microsoft Security Stack (Defender, Sentinel, Entra ID);
ISO 27001 Lead Implementer or Auditor;
CISSP, CISM, or CISA;
Cloud security certifications (Microsoft Security Engineer, SC-100, AZ-500);
OT Security and Risk Management certificates (ISA/IEC 62443);
Proven track record in leading ISO27001 certification projects;
Familiarity with OT/Industrial security highly desirable;
Deep knowledge of cybersecurity governance, risk, compliance, and IT audit;
Understanding of FMCG, manufacturing, or industrial environments (OT/ICS);
Strong grasp of incident response, SOC operations, vulnerability management, and identity governance;
Knowledge of multinational operating models and data privacy requirements (GDPR, local laws);
Cybersecurity governance, processes, and policies;
Incident Response & Crisis Management;
Security Architecture & Risk Assessment;
Communication & Executive Reporting;
Stakeholder management across geographies;
Cloud security (Azure, M365) and On-Premise Security.
Empregador
Indústria do sector alimentar
Indústria do sector alimentar
Confira vagas semelhantes
Gerente de Planificação de Empresa líder em Logística / Transportes
Chefe de projeto adjunto - Especialista técnico nacional de Expertise France
IT Infrastructure & Operations Head de Indústria do sector alimentar
IT Solutions Head de Indústria do sector alimentar
Engenheiro Eletrotécnico Sénior / Coordenador de Projeto de Empresa de Projectos de Construção
Coordenador/a de Eventos/Projetos de Empresa Angolana de Gestão de Eventos Desportivos
Estágio Remunerado para Engenharias: Civil e Ambiental - Luanda / Cabinda / Benguela de GEMCORP ANGOLA
Estágio Remunerado para Administração e Psicologia do Trabalho - Luanda / Cabinda / Benguela de GEMCORP ANGOLA