Senior Information Security Governance Analyst
Brasil
Full Time
6 days ago
No Visa Sponsorship
Key skills
Risk Management
About this role
Role Overview
- Develop and maintain Information Security policies, standards and procedures;
- Evolve the Business Continuity program (BIA, BCP, testing);
- Lead security risk management (progressing toward FAIR);
- Conduct maturity assessments (ISF) and propose improvement plans (PDSI);
- Support and manage cyber insurance matters (renewals, evidence, claims);
- Perform vendor monitoring (risk assessment, due diligence, action plans);
- Participate in audit support and follow-up (internal and external);
- Respond to customer requirements and audits (questionnaires, evidence, contracts);
- Produce metrics and reports to support decision-making.
Requirements
- Postgraduate studies in progress in Computer Science or other fields relevant to the role;
- Advanced English proficiency or coursework;
- ISO 27001:2013
- interpretation of the standard;
- ISO 27002;
- Bachelor's degree in IT, Information Security or related fields;
- Experience in Information Security and/or IT Governance;
- Knowledge of ISO/IEC 27005, ISO 22301 and NIST frameworks;
- Knowledge of FAIR (quantitative risk) and ISF (maturity);
- Experience with: security policies and controls;
- Risk management;
- Business continuity;
- Internal and external audits;
- Experience with TISAX;
- Cyber insurance;
- Vendor assessments;
- Ability to communicate with technical and business stakeholders;
- Analytical, organized and communicative profile.
Benefits
- Not specified