Information Security Specialist
1 semana atrás
**Information Security Specialist (GRC)**
At SumUp our vision is to be a global leader in the FinTech industry and build a world where small businesses can be successful doing what they love. To get there, we are putting together a team that is passionate about what they do, committed to one another and to our merchants.
The Information Security Team is a key component in SumUp's Governance, Risk and Compliance (GRC) team. Our SumUp office in Brazil is hiring for an Information Security Specialist.
As an Information Security Specialist, you'll help us ensure that we're taking all the required steps to build a secure product set and protect our production environments from ever-evolving cyber threats. You'll play a key role in our product engineering ecosystem and partner with engineers from various tribes and squads to oversee the security of our products and features. You'll be influencing implementation of cutting-edge measures to minimise exposures and vulnerabilities while actively training and educating the engineers on security best practices and latest developments. We will look toward your unique skills to approach and solve problems in your own way while ensuring alignment with our global strategic directions. Whether engineering a system to address a technical security hurdle, protecting the customers' data, or consulting on a wide range of security topics, you are fully empowered to autonomously drive the engagement and promote security best practices cross-functionally.
**Responsibilities - What you will do**:
- Contribute to the ongoing design, implementation, improvement and maintenance of the SumUp Information Security Management Program.
- Improve and maintain information security risk management systems
- Review information security controls, audit recommendations and risk mitigation plans and collaborate with other teams to implement the necessary actions.
- Participate in third-party risk management by conducting third party due diligence, supplier reviews and contract review.
- Collaborate with other stakeholders to promote information security best practices, provide expert advice and help to integrate security principles into their processes.
- Support the preparation of external audits or due diligences and respond to auditors, clients and partner requests.
- Monitor the existing laws, regulations and security standards to ensure adequacy with the security controls and processes in place.
- Willing to travel as required.
**Experience required - You'll be great for this position if**:
- You have a Bachelor or Master Degree in information security or technical area or similar qualification
- You have 4+ years of professional experience in a similar position and have acquired knowledge in information security and governance, information security risk management and data protection within the financial industry..
- You have knowledge and experience of common information security standards (e.g, ISO 2700X, NIST), payment standard (e.g. PCI-DSS) and data privacy regulation (e.g. GDPR).
- Ideally you will have experience with third-party risk management and audit procedures as well.
- You hold professional certifications such as CISSP, CISM, ISO 27001 or similar.
- You enjoy working independently as much as working in a team and demonstrate good team spirit & cooperation skills.
- You have strong organizational and analytical skills.
- You have strong communication skills and are comfortable working with stakeholders across all levels.
- You work in an ethical manner and have a high sense of integrity and confidentiality.
- You speak and write fluent English.
**Why SumUp?**.
- Be a part of a truly global team: SumUppers come from over 50 different countries around the world (The GRC Team has nearly 80 members over 3 continents).
- You'll work in an amazing agile team environment that values passion and purpose to achieve incredible results.
- You'll have access to rewarding compensation and benefits.
- You'll have the freedom to drive your career, own projects, and make an impact across the company.
- You'll enjoy flexible hours - we don't micromanage. You have freedom to align with your team if you want to work remotely or take a few days off.
- SumUp is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. SumUp does not make hiring or employment decisions on the basis of race, colour, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender identity, sexual orientation, disability, age or any other basis protected by applicable laws or prohibited by Company policy. SumUp also strives for a healthy and safe workplace and strictly prohibits harassment of any kind._
LI-PD1
**Job Application Tip
-
Information Security Specialist
4 semanas atrás
Sao Paulo, Brasil Nubank Tempo inteiro**About Nubank**Nubank was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationships with money across Latin America. With operations in Brazil, Mexico, and Colombia, Nubank is today one of the...
-
Information Technology Specialist
1 hora atrás
São Paulo, São Paulo, Brasil WestSac Petcare Research Institute Tempo inteiro R$40.000 - R$60.000 por anoRole DescriptionThis is a full-time on-site role for an Information Technology Specialist located in São Paulo, SP. The IT Specialist will be responsible for daily management of network operations, network security, troubleshooting technical issues, and providing customer service. The specialist will work to ensure the institution's IT infrastructure is...
-
Technical Specialist- Cyber Security
Há 7 dias
Sao Paulo, Brasil Microsoft Tempo inteiroMicrosoft is on a mission to empower every person and every organization on the planet to achieve more. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. You can...
-
Information Security Analyst Ii
2 semanas atrás
Sao Paulo, Brasil Sovos Compliance Tempo inteiro**The Work You'll Do** The Sovos Information Security Analyst II is tasked with security systems administration and implementation and the investigations and review of system alerts, logs, and reports. This member of the Information Security Team will also assist with the architectural design, planning, and implementation of enterprise operational defenses...
-
Information Security Analyst
Há 5 dias
São Paulo, São Paulo, Brasil Botcity Tempo inteiroCompany OverviewBotCity is building the future of automation with the Governance Platform for Python automations and AI Agents. We empower enterprises to innovate at scale, bringing governance, control, and observability to every automation project. Our philosophy is simple: automation is software, and software deserves the same high-code standards that...
-
Information Security Engineer
Há 4 dias
São Paulo, Brasil Array Technologies Tempo inteiro4 days ago Be among the first 25 applicants Array Technologies, Inc. is a global leader in solar energy solutions – and we have been for over 30 years! Our dramatic growth is creating incredible opportunities on our dynamic, innovative and creative team. Are you self-motivated, highly-skilled and possess previous Cyber Security / Information Security...
-
Information Security Engineer
Há 2 dias
São Paulo, Brasil Array Technologies Tempo inteiro4 days ago Be among the first 25 applicants Array Technologies, Inc. is a global leader in solar energy solutions – and we have been for over 30 years! Our dramatic growth is creating incredible opportunities on our dynamic, innovative and creative team. Are you self-motivated, highly-skilled and possess previous Cyber Security / Information Security...
-
Information Security Manager
Há 4 dias
São Paulo, Brasil Iris Software Tempo inteiroOverview Information Security Manager We are one of the largest technology-driven Audit, Consulting, Tax, Strategy, and Transaction services in the world. With a presence in over 150 countries, here you will have the opportunity to experience exceptional experiences that only EY can offer, with global reach, an inclusive culture, and technology to become...
-
Networking Security Specialist
3 semanas atrás
São Paulo, Brasil Asper Tempo inteiroNetworking Security Specialist at Asper Join to apply for the Networking Security Specialist role at Asper. Sobre a Asper: Somos a principal MSSP do Brasil e uma empresa de Cibersegurança em crescimento. Oferecemos serviços gerenciados que protegem ativos críticos e atuamos para levar a segurança onde ela é necessária. Requisitos e experiência: ...
-
Healthcare Information Specialist
4 semanas atrás
São Paulo, Brasil Safeguard Global Tempo inteiroThe Medical Information Specialist role is crucial in providing high-quality medical information responses to customers, adhering to regulatory requirements and industry standards. Key Responsibilities Include: 1. Responding to Customer Inquiries - Respond to customer requests for medical and safety information received via telephone, email, letter, fax, and...