Cybersecurity Professional - Risk and Compliance

beBee Careers
19, June 2025
Cibersegurança
Tempo inteiro

Descrição do trabalho

Security Engineer and Risk Specialist
">

We are seeking a highly skilled Security Engineer and Risk Specialist to join our team. As a key member of our cybersecurity team, you will be responsible for designing and implementing secure configurations, automating security processes, and supporting threat hunting, root cause analysis, and incident response.

  • Responsibilities:
  • Apply secure configuration baselines and hardening across operating systems, databases, and cloud platforms.
  • Automate security processes to boost efficiency and reduce manual effort.
  • Support security and vulnerability assessments and patch implementation.
  • Contribute to threat hunting, root cause analysis, and incident response.
  • Identify and assess IT security risks; design and monitor mitigation strategies.
  • Define and enforce security policies, standards, and procedures.
  • Ensure compliance with key regulations and frameworks: NIS2, GDPR, ISO 27001, NIST, IEC 62443, Chinese cybersecurity regulations.
  • Perform third-party risk assessments.
  • Support implementation of business continuity and incident response plans.
  • Requirements:
  • Bachelor's degree in Information Security, Computer Science, or related field.
  • 8-12 years of experience in cybersecurity, with both GRC and hands-on engineering background.
  • Strong understanding of NIS2, GDPR, ISO 27001, NIST, and Chinese data/cybersecurity regulations.
  • Working knowledge of Azure, AWS, or OCI cloud security services.
  • Experience with tools like SIEM, EDR, vulnerability scanners, and cloud-native security controls.
  • Solid grasp of IAM concepts (SSO, MFA, PAM, access reviews).
  • Familiarity with GRC tools, risk assessments, and data protection best practices.
  • Certifications such as CISSP, CRISC, CISA, or ISO/IEC 27001 Lead Auditor are a strong plus.
  • About This Role:
  • Strong technical depth and hands-on engineering mindset.
  • Strategic thinking with a pragmatic, solutions-oriented approach.
  • Clear and persuasive communication across stakeholders.
  • Adaptability to evolving threats, technologies, and regulations.
  • What We're Looking For:
  • A strategic thinker with a passion for cybersecurity.
  • A collaborative team player who can communicate effectively with stakeholders.
  • We Offer:
  • A dynamic and supportive work environment.
  • Ongoing training and development opportunities.
Voltar para homepage