Director, Information Security Risk Management

1 dia atrás

Sao Paulo, Brasil IQVIA Tempo inteiro

**Job Overview**
- Leading risk-related projects
- Maintaining ongoing testing and development of Information Security Risk Management framework, liaising with senior stakeholders and providing regular updates to stakeholders.
- Producing risk reports when required
- Working closely with other senior leaders within the team regarding training and guidance to support the business.
- Working with Business Units and stakeholders to ensure adequate, cost effective and timely protection/risk transfer for business activities.
- Creating a Supplier Risk Management Framework

**Key Responsibilities**:

- Own the development and integration of the Information Security Risk Management Framework, Risk Appetite Statements, and Risk Policies and Procedures across the organization.
- Work closely with business and senior management to identify and manage risks aligned with the organization’s strategy and risk appetite.
- Provides strategic and tactical guidance to business decision-makers.
- Contribute to a strong governance structure and risk management across all business entities.
- Assess the impact of emerging risks and regulations, providing input and support for pragmatic solutions.
- Establish a comprehensive risk reporting system and process.
- Assist to remediate risks identified through established processes and procedures.
- Provides recommendations for remediation based on the reviews and risk assessments performed.
- Assist key business stakeholders in identifying and responding effectively to risk.
- Define key risk and performance indicators (KRIs/KPIs) for evaluating risk management performance.
- Integrate business continuity and crisis management into the organization's risk management strategies.
- Support the configuration of the TPRM & Risk Management solution for consistency with local processes.
- Assist in reviewing third parties, including due diligence reviews.
- Perform review of vendor engagements, understanding the functions of effective third-party risk.

**Qualifications**:

- Bachelor's Degree Computer Science, a related field, or equivalent experience required.
- 10 years of experience within the information security domain managing Risk frameworks.
- Deep understanding and demonstrated experience of end-to-end risk management lifecycle, including key components and their relationships with internal and external stakeholders.
- Experience in non-financial/operational risk - developing and implementing risk frameworks, policies, and procedures.
- Demonstrated experience leading risk management workshops, obtaining and synthesizing inputs from technical and non-technical stakeholders throughout the enterprise.
- Experience in conducting Third Party reviews is advantageous.
- Experience operating as a part of a GRC program in alignment with common information technology management frameworks such as NIST, ITIL, ISO 27001 etc.
- Security-related qualifications such as CISM or CISSP, CRISC are a plus.

  • Leader in Information Security Risk Management

    Há 2 dias

    São Paulo, São Paulo, Brasil beBeeSecurity Tempo inteiro R$180.000 - R$250.000

    Information Security Risk Management LeaderJob Description:As an Information Security Risk Manager at our organization, you will play a pivotal role in safeguarding our IT systems and information assets. You'll be at the forefront of establishing and maintaining a robust risk management program that ensures compliance with regulatory and industry standards...

  • Information Security Risk Manager

    Há 3 dias

    São Paulo, Brasil IQVIA Tempo inteiro

    **Information Security Risk Manager** **Role** As an Information Security Risk Manager at IQVIA, you will play a pivotal role in safeguarding our IT systems and information assets. You’ll be at the forefront of establishing and maintaining a robust risk management program that ensures compliance with regulatory and industry standards while fostering a...

  • Information Security Risk Manager

    2 semanas atrás

    São Paulo, SP, Brasil IQVIA Tempo inteiro

    **Job Overview** The Information Security Risk Manager is a crucial role within IQVIA organization, responsible for helping to establish and maintain IQVIA's risk management program, which is designed to ensure that the company's IT systems and information assets are adequately protected. The individual in this position will be responsible for identifying...

  • Business Information Security Officer

    Há 5 dias

    Sao Paulo, Brasil Bank of America Tempo inteiro

    **LATAM GIS BISO searches for a Business Information Security Officer** **Responsibilities**: Advise LOB management on risk issues related to information security and recommend actions in support of the bank's wider risk management and compliance programs; - Monitor information security trends internal and external to the bank and keep LOB leadership...

  • Information Security Expert

    2 semanas atrás

    São Paulo, São Paulo, Brasil beBeeCybersecurity Tempo inteiro R$90.000 - R$120.000

    About the Role:We are seeking an experienced Information Security Analyst to join our team. As a key member of our cybersecurity group, you will be responsible for supporting the execution of our cybersecurity strategy and developing a mature cyber risk management framework.Responsibilities:Support the development of a comprehensive cyber risk management...

  • Information Security Specialist

    Há 2 dias

    Sao Paulo, Brasil SumUp Tempo inteiro

    At SumUp our vision is to be a global leader in the FinTech industry and build a world where small businesses can be successful doing what they love. To get there, we are putting together a team that is passionate about what they do, committed to one another and to our merchants. The Information Security Team is a key component in SumUp's Governance, Risk...

  • Information Security Specialist

    1 dia atrás

    São Paulo, São Paulo, Brasil beBeeSecurity Tempo inteiro R$75.359 - R$118.244

    Job DescriptionWe are seeking a seasoned Information Security Specialist to define and implement our Information/Cyber Security Program/Framework and support the organization in managing its Information/Cyber Security risks.In this role, you will work closely with colleagues to elevate Information/Cyber Security from a compliance requirement to a business...

  • Business Security Management

    Há 3 dias

    Sao Paulo, Brasil Santander Tempo inteiro

    Business Security Management SAO PAULO, Brazil **WHAT YOU WILL BE DOING** Descrição do cargo The Business Security Management function is implemented by a distributed team that collaborates closely with business lines to ensure security is appropriately considered as part of all business activities - internal and key suppliers. Business Security...

  • Chief Information Security Risk Manager

    Há 11 horas

    São Paulo, São Paulo, Brasil beBeeriskmanagement Tempo inteiro R$120.000 - R$180.000

    We are seeking a seasoned Information Security Risk Management expert to lead our risk-related projects. The ideal candidate will have a proven track record of managing risk frameworks and collaborating with senior stakeholders to drive business objectives.Key Responsibilities:

  • Chief Information Security Officer

    1 dia atrás

    São Paulo, São Paulo, Brasil beBeeInformationSecurity Tempo inteiro US$140.660 - US$214.995

    Job TitleThe Director of Information Security Procurement is responsible for leading a procurement organization in support of IT infrastructure.Key ResponsibilitiesCategory Strategy Development: Develop and implement comprehensive category strategies that align with organizational objectives.Market Analysis: Conduct thorough market research and analysis to...