Especialista Senior de Gobernanza de Ciberseguridad

About the role

The Senior Cybersecurity Governance Specialist will lead site‑level security governance activities, ensuring alignment with annual security plans and corporate standards. This role supports the translation of regulatory, policy, and threat landscape changes into actionable site initiatives.

Key responsibilities

• Implement and maintain information security policies, standards, and procedures at the site level.
• Coordinate documentation for security exceptions, compensating controls, and risk acceptance.
• Lead ICT asset risk assessments for applications and infrastructure, including OT connectivity and manufacturing cybersecurity risks.
• Maintain incident response governance documentation and escalation procedures.
• Support security gate reviews for new systems, applications, and business initiatives.
• Track findings from vulnerability assessments, penetration testing, and internal/external audits.
• Prepare audit evidence, reports, and remediation documentation, and follow up on audit findings.
• Coordinate third‑party vendor security assessments and manage related risks.
• Serve as the primary cyber‑governance point of contact for the site, aligning local and outsourced security teams with enterprise standards.
• Deliver dashboards and status reports to IT leadership and headquarters stakeholders.

Required profile

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
• Experience in cybersecurity governance, risk management, compliance, or audit roles.
• Understanding of enterprise IT and manufacturing/OT environments.
• Strong analytical, documentation, and coordination abilities.
• Ability to work independently and manage multiple governance activities.

Required skills

• Knowledge of NIST framework.
• Familiarity with ISO 27001 standards.
• Understanding of IEC 62443 for industrial control systems.
• Security certifications such as Security+, CISM, or CRISC.
• Experience with vulnerability assessments and penetration testing.