Information Security Analyst III

Full-time
Brazil
Posted 2 years ago
The job listing has expired. Unfortunately, the hiring company is no longer accepting new applications.


Summary

The Information Security Analyst - GRC role involves performing comprehensive scoping, control assessments, and audit facilitation as part of the certification team. This person will work closely with cross-functional teams to assess risks and controls, work directly with Business Continuity, Disaster Recovery, and Crisis Management, and assist with IT audit projects.

 

What you'll do

  • Ensure the security process is governed by organizational policies and practices that are consistently applied;

  • Require that data with similar criticality and sensitivity characteristics be protected consistently regardless of where in the organization it resides;

  • Enforce compliance with the security program in a balanced and consistent manner across the organization and ensure adherence to applicable regulations;

  • Routinely inform the Operations & Technology Committee & Management Risk Committee (MRC) of the overall status of the Institution’s Information Security Program to prevent cyber-attacks;

  • Coordinate Risk Assessment audits, PCI DSS, PCI PIN Security, ISO 27001, ISO 22301, penetration/vulnerability tests, and other related assessments;

  • Contribute to the definition of BC & DR strategy, policy, standards, plans, and direction;

  • Be the subject matter expert on business continuity, disaster recovery, and crisis management, supporting business stakeholders;

  • Structure, support, and coordinate regular business continuity and disaster recovery testing to assess the effectiveness of established plans and procedures;

  • Structure, support, and coordinate all aspects of design, implementation, planning, testing, and governance of Business Continuity, Disaster Recovery, Emergency, and Crisis Management Plans within the company's Business Continuity scope;

  • Ensure that the business, IT, and third-party teams involved are adequately trained in BC, DR, and Crisis requirements, policies, and standards and that the Business Continuity theme is disseminated throughout the company;

  • Structure and conduct Business Impact Analysis (BIA);

  • Create executive reports regarding strategies, test results, risks, and crises;

  • Build and update business continuity KPIs;

Minimum Qualifications

  • Experience with cybersecurity frameworks and audits such as ISO 27001, ISO 22301, PCI DSS, SOC 1, and SOC 2, and with other regulatory requirements;

  • Experience with Business Continuity, Disaster Recovery and Crisis Management;

  • Desirable: Disaster Recovery experience with AWS;

Core Benefits

  • Remote work

  • Flexible hours

  • Gympass

  • Meal & Food vouchers

  • Remote work financial support

  • Life Insurance

  • Medical and Dental Assistance

  • Employee child care benefit: daycare

  • Vidalink partnership

  • Day off (Birthday)

  • Support for studying languages

  • 50% off AWS and GCP certifications

Technologies that we apply in our day-to-day

  • SAST

  • SCA

  • IaC Scans

 
