Descripción de la oferta
Senior Security Consultant About the role We are looking for a Senior Security Consultant to join the Group Information Security team as part of a strategic, multi-year transformation program. This role focuses on the design, evolution, and governance of the Minimum Technical Security Baseline (MTSB) framework across the organization. You will provide deep technical expertise to define and refine security baselines aligned with corporate risk, working closely with Product SMEs, Security Leads, and governance bodies. Operating at the intersection of technical security controls and enterprise governance , you will help ensure consistent, measurable, and enforceable security standards across infrastructure, cloud, endpoints, and enterprise platforms. If you combine strong technical foundations with the ability to align stakeholders and operate within governance structures, this role is for you. What you’ll do Define and update technical security baselines based on corporate risk exposure and threat landscape. Select and tailor controls from Center for Internet Security (CIS Benchmarks) to align with enterprise requirements. Organize and lead workshops with Product SMEs to refine control applicability, feasibility, and remediation impact. Validate and converge control selections within governance forums (e.g., Control Implementation Working Groups). Maintain and evolve a large-scale security controls framework (+100 high-level controls and thousands of low-level controls). Support product teams and entities during control implementation and remediation phases. Provide structured follow-up and reporting inputs for steering committees and executive governance bodies. Act as a technical authority across infrastructure, cloud, endpoint, and security tooling domains. Must Have 5+ years of experience in IT Operations and Information Security. Proven expertise in CIS Benchmarks, hardening standards, and technical security baselines . Strong understanding of enterprise IT environments: Servers (Windows / Linux); Workstations & mobile; Networks & access control; Cloud (AWS / Azure / GCP); Microsoft 365; Security tools (EDR, AV, proxy, patching solutions) Experience working within security governance and control frameworks. Ability to deep dive technically while aligning stakeholders in governance settings. Experience supporting large-scale control implementation programs. Fluent English (mandatory). Strong communication and workshop facilitation skills. ✨ Nice to Have Experience in large international or matrix organizations. Exposure to ISO 27001, NIST, or enterprise security frameworks. Previous experience working within a Group CISO / Corporate Security function. Experience presenting in executive steering committees. Background in cloud security architecture or enterprise security engineering.
