CISO - Construction
ESP - FERROVIAL - HQ RdL (Madrid)
Ferrovial
Welcome to the Ferrovial's website, global operator of sustainable infrastructure. Here you can find all the information about the company and subsidiaries.Ferrovial is one of the world’s leading infrastructure operators, committed to developing sustainable solutions.
Our company operates in more than 15 countries and has a workforce of over 24,000 professionals worldwide. Ferrovial is listed simultaneously on 3 stock markets: USA (Nasdaq), the Netherlands (Euronext Amsterdam), and Spain (IBEX 35), and is a member of the Dow Jones Sustainability Index and FTSE4Good.
The aim of Ferrovial Corporation is to design the Company's strategy, establishing global policies, guidelines and action guides related to the different functional areas of the Organization (Internal Audit, Finance, Human Resources, Legal, IT, Innovation, etc.), which subsequently are developed and adapted to the specificities of each Business Unit. Additionally, it performs a function of providing corporate services to the different companies of the group, while consolidating its information.
Job Description:
The Head of Cybersecurity, Ferrovial Construction, is responsible for the oversight and deployment of all adequate measures and controls to provide the Company and its subsidiaries with a reasonable cybersecurity control level. This role will initiate, plan, deploy, maintain, control, improve all aspects of Ferrovial Construction cybersecurity.
Essential Duties and Responsibilities:
- Lead, manage and grow Ferrovial Construction cybersecurity function according to Business needs.
- Develop a cybersecurity practice in Ferrovial Construction that can be relevant to its business units, subsidiaries and joint ventures by defining and implementing a Cybersecurity strategy.
- Negotiate with and for Ferrovial Construction business units, subsidiaries and joint ventures the contracts, conditions and terms regarding the cybersecurity baseline that must be provided.
- Guarantee the deployment of adequate measures and controls onto products and services built through digital and technology initiatives.
- Ensure the maintenance and continuous improvement of such measures and controls along the products and services lifecycle.
- Manage and control security projects including start up and launch of benchmarks and proof of concepts.
- Manage cybersecurity vendors whose services are being provided to Ferrovial Construction business units, subsidiaries and joint ventures.
- Regular communications with Ferrovial Construction senior management to report the cybersecurity posture of their companies, the projects milestones consecution and the compliance situation in terms of cybersecurity.
- Provide support to Ferrovial risk and internal audit department.
- Identify business opportunities to provide enhanced cybersecurity services to Ferrovial Construction business units, subsidiaries and joint ventures.
Qualifications:
Education & Experience:
- Master’s Degree in Computer Science, Engineering, Information Technology or equivalent.
- 7-10+ years of experience in managing complex cybersecurity environments through its full lifecycle.
- Previous experience in power and/or utility sectors.
- Definition, deployment and improvement of security strategies, plans, and governance models in large enterprises and corporations, and in international environments.
- Definition, deployment, and improvement of risk management models.
- OT, ICS, IoT cybersecurity knowledge and experience, especially on the ISA/IEC 62443 Standards, Purdue Model and Defense in Depth implementation.
- Deployment, maintenance and assessment of ISO 27001, NIST CSF and ENS certified environments.
- Identification and treatment of risk derived from laws and compliance requisites.
- Definition, deployment, monitoring, evaluation/testing and improvement of security architectures, infrastructures and services in corporations and international scenarios.
- Architecture models like SASE and Zero-Trust models. Additionally, having demonstrable experience with NIST guides will be an added value.
- Security incident management.
- Business continuity management.
- Cyber Intelligence.
- Audits and security reviews.
- Awareness, communication and training in Cybersecurity.
Professional Qualities:
- CISA, CISM, CISSP, CPP, ISO 27001, SANS… security certifications will be considered and preferred.
- High English level in writing, speech and comprehension, being fluent in conversations is required. The candidate must be able to arrange and conduct meetings and to handle presentations fluently in English.
- Skills in negotiating contracts with regional implications.
- Ability to manage remote teams nationally and internationally.
- Capability to work against tight schedules.
- Must be able to proactively multitask, solve problems and implement innovative processes within a fast-paced environment.
Why Ferrovial?
We would like you to get to know us better, and what it means to join our team.
- Being part of a leading company in its sector and listed simultaneously on 3 stock markets: USA (Nasdaq), the Netherlands (Euronext Amsterdam), and Spain (IBEX 35)
- A solid and innovative company project with challenging roles and projects
- Work with talented professionals in a collaborative environment
- Innovative, creative, and respect work environment thanks to the mix of cultures and diversity of our workforce
- Professional growth opportunities: global and cross Business Units mobility
- Development processes implemented to ensure professional growth
- Compelling benefits & rewards
- Flexibility work-life balance that offers numerous benefits personally and professionally
- Wellbeing initiatives for employees to support your physical and psychological happiness (e.g. psychological support for employees among others)
- Tools to support productivity: Microsoft Copilot available for employees
If you are passionate about challenges, and you think you fit in the described profile, do not hesitate to sign up for the offer. Take the jump! We are waiting for you!
Seize the challenge. Move the world together!
#WeAreFerrovial
* Ferrovial is an equal opportunity employer. We treat all jobs applications equally, regardless of gender, color, race, ethnicity, religion, national origin, age, disability, pregnancy, sexual orientation, gender identity and expression, covered veteran status or protected genetic information (each, a “Protected Class”), or any other protected class in accordance with applicable laws.
*Please note that this job description does not represent a comprehensive list of activities and employees may be requested to undertake other reasonable duties.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISA CISM CISO CISSP Compliance Computer Science Finance Governance ICS IEC 62443 IoT ISO 27001 Monitoring NIST Risk management SANS SASE Strategy
Perks/benefits: Career development Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.