Senior Information Security GRC Analyst

Há 6 dias

Greater São Paulo Area, Brasil WEX Tempo inteiro R$90.000 - R$120.000 por ano

About The Team/Role
We are seeking a highly experienced and proactive Information Security GRC Analyst Level 3 – PCI DSS Compliance to support our organization's PCI DSS compliance efforts. This role will focus on ensuring strict adherence to the Payment Card Industry Data Security Standard (PCI DSS) while contributing to broader governance, risk, and compliance (GRC) initiatives. The ideal candidate will possess deep expertise in PCI DSS and the ability to drive compliance programs in complex environments.

How You'll Make An Impact
Participate and play a key role in the WEX PCI DSS compliance program, ensuring ongoing adherence to the latest PCI DSS requirements.

  • Conduct and coordinate PCI DSS gap assessments, control evaluations, and risk assessments to identify and remediate deficiencies.
  • Conduct and coordinate PCI DSS annual reviews in accordance with PCI DSS v4.0.1.
  • Serve as the primary liaison for external audits, working closely with Qualified Security Assessors (QSAs), auditors, and regulatory bodies to ensure successful compliance certifications.
  • Develop and maintain PCI DSS policies, procedures, and documentation to align with regulatory requirements and industry best practices.
  • Collaborate with IT, Security, Legal, and Business teams to integrate PCI DSS controls into enterprise security and risk management frameworks.
  • Implement security and compliance automation tools to enhance PCI DSS control effectiveness and efficiency.
  • Stay updated on PCI DSS regulatory changes and evolving threats, advising on necessary adjustments.
  • Support broader GRC initiatives, including ISO 27001, NIST, SOC 2, and risk management programs, as needed.
  • Act as a subject matter expert (SME) for PCI DSS, advising stakeholders on compliance strategies, risks, and security best practices.

Experience You'll Bring

  • Education: Bachelor's or Master's degree in Information Security, Computer Science, Business, or a related field (or equivalent work experience).
  • Experience in information security, compliance, risk management, or a related field, with a strong focus on PCI DSS compliance. Experience with PCI issuing banks preferred.
  • Technical Knowledge: In-depth understanding of PCI DSS, security frameworks (NIST, ISO 27001, SOC 2), risk management methodologies, cloud environments (AWS and Azure), and secure network architectures.
  • Skills: Strong analytical, problem-solving, and project management skills; ability to communicate effectively with both technical and executive stakeholders.
  • Tools & Technologies: Experience with GRC tools, security compliance platforms, vulnerability management tools, and cloud security.
  • Certifications (Preferred): PCI Professional (PCIP), Qualified Security Assessor (QSA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM).

  • Senior Information Security GRC Analyst

    4 semanas atrás

    Região Geográfica Intermediária de São Paulo, São Paulo, Brazil WEX Tempo inteiro

    Join to apply for the Senior Information Security GRC Analyst role at WEXJoin to apply for the Senior Information Security GRC Analyst role at WEXGet AI-powered advice on this job and more exclusive features.About The Team/RoleWe are seeking a highly experienced and proactive Information Security GRC Analyst Level 3 – PCI DSS Compliance to support our...

  • Information Security Specialist

    2 semanas atrás

    Sao Paulo, Brasil SumUp Tempo inteiro

    **Information Security Specialist (GRC)**At SumUp our vision is to be a global leader in the FinTech industry and build a world where small businesses can be successful doing what they love. To get there, we are putting together a team that is passionate about what they do, committed to one another and to our merchants.The Information Security Team is a key...

  • Senior Information Security Metrics Analyst

    3 semanas atrás

    São Paulo, São Paulo, Brasil IQVIA Tempo inteiro

    **Role**:As a** Senior Information Security Metrics Analyst, **you will play a crucial role in ensuring the security and compliance of our organization. You'll be responsible for analyzing, measuring, and reporting on various security metrics to enhance our overall security posture. Your expertise will guide decision-making and risk management...

  • Information Security Analyst Ii

    3 semanas atrás

    São Paulo, São Paulo, Brasil Sovos Compliance Tempo inteiro

    **The Work You'll Do**The Sovos Information Security Analyst II is tasked with security systems administration and implementation and the investigations and review of system alerts, logs, and reports. This member of the Information Security Team will also assist with the architectural design, planning, and implementation of enterprise operational defenses...

  • Information Security Compliance Manager

    3 semanas atrás

    São Paulo, São Paulo, Brasil IQVIA Tempo inteiro

    Role:As an **Information Security Compliance Mgr**., you will play a crucial role in ensuring the security and compliance of our organization. You'll be responsible for providing assurance to our external parties on the security posture of IQVIA. This role plays a significant part in our Global Information Security team and will provide an excellent...

  • Consultor GRC Sênior

    Há 6 dias

    São Paulo, São Paulo, Brasil Redbelt Security Tempo inteiro R$90.000 - R$120.000 por ano

    Você será responsável pela condução e implementação de projetos de GRC (Governança, Riscos e Compliance para Segurança Cibernética) junto aos clientes da Redbelt Security, bem como nas áreas internas da empresa, realizando uma avaliação abrangente dos processos, políticas e controles existentes relacionados à governança, riscos e conformidade...

  • Consultor GRC Sênior

    Há 6 dias

    São Paulo, São Paulo, Brasil REDBELT SECURITY Tempo inteiro R$90.000 - R$120.000 por ano

    Você será responsável pela condução e implementação de projetos de GRC (Governança, Riscos e Compliance para Segurança Cibernética) junto aos clientes da Redbelt Security, bem como nas áreas internas da empresa, realizando uma avaliação abrangente dos processos, políticas e controles existentes relacionados à governança, riscos e conformidade...

  • Sênior Sap Security Consultant/Analyst

    1 semana atrás

    São Paulo, Brasil Decision Group Tempo inteiro

    Nível Acadêmico: Ensino Superior Completo Turno/Horas Áreas de Atuação Profissional: TI - SAP Descrição: Job Description: Senior SAP Security Consultant / Analyst Location: Remote. To cover Brazil, DOP (Dominican Rep) and India. Habilidades: 4-5 Months Demand - FTE Demand Details: 5 Consultants to cover all Regions Key Responsibilities: Lead the...

  • Information Security Senior Analyst

    Há 7 dias

    Sao Paulo, Brasil DiDi Global Tempo inteiro

    Company Overview: If you see technology as there to smooth your path in life, our team does too: Your Path, Our Journey. We believe in people who transform their paths through technology. Technology that connects people who are good at what they do and which practices diversity to create and share those paths that we (as yet!) do not even know about. Our...

  • Information Security Analyst

    3 semanas atrás

    São Paulo, São Paulo, Brasil Siemens Healthineers Tempo inteiro

    Do you want to help create the future of healthcare? Siemens Healthineers is a place for people who dedicate their energy and passion to this greater cause. It reflects their pioneering spirit combined with our long history of engineering in the ever evolving healthcare industry.We offer you a flexible and dynamic environment where you have the space to...