Owns deliverables / areas of an engagement / project with minimal input - delivering quality outputs and helping review the work of less experienced members of the engagement / project team;
Contributes to the planning and delivery of engagements including work plans, timelines, project management and resource allocation;
Description
Management and monitoring of project teams in the implementation of deliverables;
Implements security controls, risk assessment frameworks, and programs that align to regulatory requirements;
Takes part in the definition, development, implementation and assessment of Information Security, risk analysis, business continuity and / or data protection projects;
Conduct Information Security compliance and maturity assessments using standards and best practices;
Evaluates risks and develops security standards, procedures, and controls to manage risks;
Conduct periodic audits and reviews of cybersecurity controls to ensure compliance and effectiveness of security systems (internal audits, third-party review, and compliance testing);
Coordinate and lead cybersecurity incident response, including investigation, mitigation and recovery. This involves defining incident response plans, coordinating with incident response teams, and implementing corrective measures;
Profile
A degree in Computer Science, Engineering, Information Systems or related fields is a plus;
4 to 7 years of professional experience;
Solid experience developing and implementing enterprise governance, risk, and compliance strategy and solutions;
Extensive experience and knowledge of cybersecurity principles, security standards, regulations and frameworks;
Prior experience in compliance policies, procedures and practices, namely risk management, internal audit or regulatory compliance;
Solid experience in information systems auditing, monitoring, controlling, and assessment processes;
Strong knowledge of risk assessment and management methodology;
Knowledge of information technology systems and processes, network infrastructure, data architecture, data processes, and protocols;
Solid knowledge of relevant regulations, such as data protection laws, privacy regulations, among others;
Must be familiar with dashboard and report creation;
Prior experience leading more junior team members (preferred);