
Security GRC Analyst III
1 dia atrás
Join to apply for the Security GRC Analyst III role at Onapsis.
ResponsibilitiesManage our third-party (providers) and customer assessment processes and tools, maintain our Information Security Management System (ISMS), and support security audits such as ISO 27001, SOC 2, and TISAX Lv3, along with the risk management process. You will interact with external parties and with internal teams including Engineering, Legal, Product Management, HR, Finance, Sales, IT, and InfoSec. You will act as the GRC liaison, monitor provider and policy compliance, and create InfoSec training and awareness materials.
Key Activities And Responsibilities- Develop and maintain a formal set of Information Security policies, procedures, and standards according to ISO/IEC 27001:2013.
- Conduct and complete an annual review of the company\'s information security policies, procedures, and standards.
- Oversee and/or assist in ongoing assessments testing the company\'s security procedures, mechanisms, and controls.
- Serve as a liaison for the implementation of security controls derived from policies, standards, and procedures.
- Perform and manage the Vendor Security Assessment process before contracting services or applications with third parties.
- Perform periodic Risk Assessment reviews and coordinate remediation with the corresponding Data Owners.
- Support the coordination of security audits such as ISO 27001, SOC 1 and SOC 2 audits, including preparing meetings, communicating with auditors and internal stakeholders, and reviewing controls and evidence accuracy.
- Assist in the evaluation and settings of physical security for company sites.
- Oversee the development of a Disaster Recovery Plan.
- Develop a set of Performance Indicators to evaluate the effectiveness of security standards and controls.
- Create training materials and ensure compliance through training/awareness programs and periodic security audits (internal and external).
- Provide development guidance and assistance in identifying, implementing, and maintaining organization privacy policies and procedures in coordination with the Data Privacy team.
- Manage the Customer Security Assessments by collaborating with Sales, Customer Success and Legal to review agreements with customers, respond to questionnaires, or share compliance documentation to ensure compliance with customer requirements.
- At least 3 years in a similar role.
- ISO/IEC 27001, CISSP, CISA, or other security certifications desired.
- Excellent communication skills.
- Jira usage knowledge.
- Spoken and written English proficiency.
- Practical experience in audit and risk assessment.
- Knowledge of Information Security and Privacy related laws and regulations in the US and EU.
- Knowledge of other information security standards beyond ISO/IEC 27001:2013 and SOC 1 and SOC 2 (e.g., NIST 800-53, CIS Controls), and regulations related to information security and data privacy (GDPR, FERPA, CCPA), including risk identification and analysis.
- A role in shaping the future of protecting the most critical applications that run the world\'s business and a career that grows as the company grows.
- A unique culture of high achievement and teamwork.
- Supportive and humble colleagues are the space\'s top problem solvers and innovators.
- Financial security through competitive compensation and incentives.
Employment: Onapsis hires full-time employees in Argentina. We do not engage with SRLs or B2B contractors.
About OnapsisOnapsis protects the business applications that run the global economy. The Onapsis Platform delivers vulnerability management, change assurance, and continuous compliance for business applications from leading vendors such as SAP, Oracle, and others. The Onapsis Platform is powered by the Onapsis Research Labs, the team responsible for the discovery and mitigation of more than 1,000 zero-day vulnerabilities in business applications.
Onapsis is headquartered in Boston, MA, with offices in Heidelberg, Germany and Buenos Aires, Argentina, and proudly serves hundreds of the world\'s leading brands, including close to 30% of the Forbes Global 100, six of the top 10 automotive companies, five of the top 10 chemical companies, four of the top 10 technology companies, and three of the top 10 oil and gas companies.
For more information, connect with Onapsis on LinkedIn or visit
#J-18808-Ljbffr-
Security GRC Analyst III
Há 19 horas
Buenos Aires, Brasil Onapsis Tempo inteiroOverview Join to apply for the Security GRC Analyst III role at Onapsis . Responsibilities Manage our third-party (providers) and customer assessment processes and tools, maintain our Information Security Management System (ISMS), and support security audits such as ISO 27001, SOC 2, and TISAX Lv3, along with the risk management process. You will...
-
Security Governance Risk Compliance Specialist
Há 17 horas
Buenos Aires, Espírito Santo, Brazil beBeeGrcanalyst Tempo inteiro R$90.000 - R$120.000Job DescriptionWe are seeking a skilled Security GRC Analyst III to manage our third-party and customer assessment processes and tools, maintain our Information Security Management System (ISMS), and support security audits such as ISO 27001, SOC 2, and TISAX Lv3. You will interact with external parties and internal teams to monitor provider and policy...
-
Buenos Aires, Brasil beBeeInformationSecurity Tempo inteiro US$96.000 - US$108.000Job OverviewThe Security GRC Analyst III will manage third-party and customer assessment processes and tools, maintain the Information Security Management System (ISMS), and support security audits such as ISO 27001, SOC 2, and TISAX Lv3.Key Responsibilities:Policies and Procedures DevelopmentAnnual reviews of information security policies, procedures, and...
-
Principal Security Ops Analyst
4 semanas atrás
Buenos Aires, Espírito Santo, Brazil Syneos Health Tempo inteiroJoin to apply for the Principal Security Ops Analyst role at Syneos Health18 hours ago Be among the first 25 applicantsJoin to apply for the Principal Security Ops Analyst role at Syneos HealthDescriptionPrincipal Security Ops AnalystSyneos Health is a leading fully integrated biopharmaceutical solutions organization built to accelerate customer success. We...
-
Information Security Specialist
3 semanas atrás
Buenos Aires, Espírito Santo, Brazil DNV Tempo inteiroJoin to apply for the Information Security Specialist role at DNV3 days ago Be among the first 25 applicantsJoin to apply for the Information Security Specialist role at DNVGet AI-powered advice on this job and more exclusive features.About UsWe are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property,...
-
Sr Info Security Risk Analyst I
2 semanas atrás
Buenos Aires, Espírito Santo, Brazil Syneos Health Tempo inteiroSr Info Security Risk Analyst I - (Hiring Across Multiple Regions)Join to apply for the Sr Info Security Risk Analyst I - (Hiring Across Multiple Regions) role at Syneos HealthSr Info Security Risk Analyst I - (Hiring Across Multiple Regions)3 days ago Be among the first 25 applicantsJoin to apply for the Sr Info Security Risk Analyst I - (Hiring Across...
-
Principal Security Ops Analyst
4 semanas atrás
Buenos Aires, Brasil Syneos Health Tempo inteiroJoin to apply for the Principal Security Ops Analyst role at Syneos Health 18 hours ago Be among the first 25 applicants Join to apply for the Principal Security Ops Analyst role at Syneos Health DescriptionPrincipal Security Ops AnalystSyneos Health is a leading fully integrated biopharmaceutical solutions organization built to accelerate customer...
-
ServiceNow Solutions Analyst III
3 semanas atrás
Buenos Aires, Espírito Santo, Brazil JPMorganChase Tempo inteiroServiceNow Solutions Analyst III - Business AnalystJob DescriptionJoin our dynamic team to revolutionize how technology intersects with business. Your analytical skills and tech-savviness will be pivotal in creating impactful solutions.Job DescriptionJoin our dynamic team to revolutionize how technology intersects with business. Your analytical skills and...
-
Information Security Senior Analyst
Há 4 horas
Buenos Aires, Espírito Santo, Brazil Safe-U Tempo inteiroOverviewSomos Safe-U, consultora de ciberseguridad impulsada por la misión de proteger a las organizaciones contra amenazas digitales. Existimos para prevenir las consecuencias de ciberataques a organizaciones y a las personas que trabajan en ellas.Nos encontramos en la búsqueda de Information Security Analyst Senior para asignar de forma exclusiva a uno...
-
Information Security Specialist
Há 3 dias
Buenos Aires, Brasil DNV Tempo inteiroJoin to apply for the Information Security Specialist role at DNV 3 days ago Be among the first 25 applicants Join to apply for the Information Security Specialist role at DNV Get AI-powered advice on this job and more exclusive features. About UsWe are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life,...