GF_IT-E484
Information Security Analyst - Full Time - Madrid, Spain

Sulzer is a leading engineering company with a proud heritage of innovation. Join our global team to grow your expertise and develop innovative solutions that enable a prosperous and more sustainable society.

Are you a cybersecurity enthusiast with a passion for making a meaningful impact on a global scale? Join our global IT Security Team (CISO Office) as an Information Security Analyst and play a pivotal role in fortifying our digital fortress. At Sulzer, we believe in fostering innovation and excellence, and we are on the lookout for a talented professional to contribute to our dynamic cybersecurity landscape.

Your main tasks and responsibilities:

• Collaborate on the design, implementation, and maintenance of our cutting-edge Information Security Management System (ISMS).
• Contribute to the development and management of security policies, standards, guidelines, and procedures. Work closely with our CISO on policy exceptions, security tickets, and changes.
• Ensure compliance with security directives based on the NIST Cybersecurity Framework through continuous monitoring of our expansive IT landscape.
• Take charge of the information security risk assessment and control framework, aligning it with industry standards.
• Support cybersecurity audits and assessment from different customers or legal entities.
• Play a key role in disaster recovery reviews, ensuring our systems are resilient and can withstand unforeseen challenges.
• Engage in reviews of vendors, suppliers, as well as contracts, data flow diagrams and questionnaires to guarantee alignment with security standards.
• Conduct Gap analysis (framework vs directives, regulations) to prioritize security initiatives.
• Support and conduct vulnerability scans, reviews, to design remediation plans with the involved stakeholders.
• Collaborate with executives to prioritize regional or global security initiatives, cybersecurity awareness and training plan and applying risk management methodologies.

To succeed in this role, you will need:

• A Bachelor’s degree in Computer Science or relevant field experience.
• Minimum of 5 years of working experience, with a proven track record of effective collaboration between IT and Business stakeholders.
• Strong knowledge of Information Security, Risk Management, NIST Cybersecurity Framework and Controls, Directives and other standards (ISO 27001, ISO 22301, IEC 62443)
• Proficiency in Windows-based operating systems and networks, with the ability to analyze security issues.
• Demonstrated ability to analyze, triage, and escalate security incidents. Good understanding of the current threat landscape, including common attack types and malware capabilities.
• Excellent communication skills in English.
• CISSP, CEH, or equivalent certifications are highly desired.

What we offer you:

• A competitive salary as well as participation in the variable remuneration system based on personal and financial objectives.
• Restaurant tickets.
• Permanent contract.
• Accident insurance.
• Working from home according to local policy.

No visa or work permit support can be provided for this role

Sulzer is an equal opportunity employer. We believe in the strength of a diverse workforce and are committed to offering an inclusive work environment.
We are proud to be recognized as a Top Employer 2024 in Brazil, China, Germany, Switzerland, the United Kingdom and the United States.