Manager - IT Risk & Security
Independent Contractors Only

Industry: Banking & Advisory
Location: Cataluna, mostly on-site
Language: English & Spanish (pre)
Rate: €500 - €550,- per day
Duration: Q4 (3 Months) - possibility to extend

For an exciting project with a world-renowned firm, collaborating with a regulatory body, we are currently looking for an expert consultant operating at the highest level, to assist in the following tasks:
Responsibilities
Review of the institution’s IT risk and specifically their IT security management by the means of:

1. Assessment of network security controls and architecture: Evaluate the design and operational effectiveness of the institution’s network protection measures, including firewalls, intrusion detection/prevention systems, network segmentation, and secure remote access solutions.
2. Evaluation of system-level protection mechanisms: Review technical and organizational safeguards in place to protect IT systems, including endpoint protection, access control mechanisms, and configuration hardening of infrastructure components
3. Examination of continuous monitoring capabilities: Assess the institution’s ability to detect, monitor, and respond to anomalous or unauthorized activities through SIEM tools, log management practices, and alert response processes.
4. Review of end-of-life (EOL) hardware lifecycle management: Verify that the institution has identified EOL hardware and associated firmware, and that it manages associated risks through decommissioning, risk mitigation, or compensating controls. Emphasis will be placed on inventory management, EOL tracking, and security risk treatment.
5. Using a variety of inspection techniques including, but not limited to, observation, information verification and analysis, targeted interviews, walk-through testing, sampling and validation of data.

Required Experience
- 10+ years relevant work experience in auditing, advisory, or financial services. 
- Deep knowledge on aspects of IT Security including in specific, network security, platform security and security monitoring.

If you fit the above description and have availability in Q4 to take on a challening assignment in a top-level environment, we look forward to receiving your CV.