IT Security Consultant - Evaluation of Suppliers

30 November 2023
Freelance Contract

Additional Information

Location: Spain (remote)
Skills: Cybersecurity / Network / Security
Contract type: Freelance
Languages: English
Start date: January 2024
Duration: Indefinite
Salary range: 250/300€/day
Contact person: Carmen J. Martínez
Status: Open

Offer details

For a collaboration with one of our international end clients in the industrial sector, we are looking for the following profile:

IT Security Consultant - Evaluation of Suppliers

Permanent contract (salary negotiable) / possibility of a freelance contract (daily rate 250-300€).

100% remote work


  • Responsible for evaluating the IT security maturity of suppliers and coordinating remediation actions to enhance supplier security posture. This role involves in-depth analysis of security findings, collaboration and coordination with external partners, and driving proactive security measures to mitigate potential supplier risks effectively.


- Collaborate and coordinate with external stakeholders to send self-assessment questionnaires to suppliers and to collect evidence of implemented IT security controls.

- Manage supplier assessment plan.

- Review supplier IT Security Assessment reports delivered by external stakeholders to ensure quality of risk evaluation.

- Design risk mitigation action plans to improve security posture of suppliers.

- Work closely with suppliers and internal teams to guide and oversee remediation efforts, ensuring compliance with security best practices and industry standards.

- Facilitate communication and coordination between internal teams and suppliers to ensure timely resolution of identified security weaknesses.

- Provide guidance and recommendations to suppliers on security measures and risk mitigation strategies based on assessment findings.

- Document findings, remediation progress, and lessons learned for continuous improvement and knowledge sharing within the organization.



- Bachelor's degree in Computer Science, Information Security, or a related field.

- Demonstrated experience in information security, particularly in security risk assessments and vulnerability management.

- Proficiency in assessing security vulnerabilities and their potential impact on systems and networks.

- Strong understanding of industry-standard security frameworks (e.g., ISO 27001, NIST, CIS).

- Excellent communication and interpersonal skills to collaborate effectively with internal and external stakeholders.

- English is a must.

- Experience in coordinating and driving remediation efforts to address identified security vulnerabilities.

- Certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) are a plus.