Senior Information Security GRC Analyst

Há 7 dias

Greater São Paulo Area, Brasil WEX Tempo inteiro R$90.000 - R$120.000 por ano

About The Team/Role
We are seeking a highly experienced and proactive Information Security GRC Analyst Level 3 – PCI DSS Compliance to support our organization's PCI DSS compliance efforts. This role will focus on ensuring strict adherence to the Payment Card Industry Data Security Standard (PCI DSS) while contributing to broader governance, risk, and compliance (GRC) initiatives. The ideal candidate will possess deep expertise in PCI DSS and the ability to drive compliance programs in complex environments.

How You'll Make An Impact
Participate and play a key role in the WEX PCI DSS compliance program, ensuring ongoing adherence to the latest PCI DSS requirements.

  • Conduct and coordinate PCI DSS gap assessments, control evaluations, and risk assessments to identify and remediate deficiencies.
  • Conduct and coordinate PCI DSS annual reviews in accordance with PCI DSS v4.0.1.
  • Serve as the primary liaison for external audits, working closely with Qualified Security Assessors (QSAs), auditors, and regulatory bodies to ensure successful compliance certifications.
  • Develop and maintain PCI DSS policies, procedures, and documentation to align with regulatory requirements and industry best practices.
  • Collaborate with IT, Security, Legal, and Business teams to integrate PCI DSS controls into enterprise security and risk management frameworks.
  • Implement security and compliance automation tools to enhance PCI DSS control effectiveness and efficiency.
  • Stay updated on PCI DSS regulatory changes and evolving threats, advising on necessary adjustments.
  • Support broader GRC initiatives, including ISO 27001, NIST, SOC 2, and risk management programs, as needed.
  • Act as a subject matter expert (SME) for PCI DSS, advising stakeholders on compliance strategies, risks, and security best practices.

Experience You'll Bring

  • Education: Bachelor's or Master's degree in Information Security, Computer Science, Business, or a related field (or equivalent work experience).
  • Experience in information security, compliance, risk management, or a related field, with a strong focus on PCI DSS compliance. Experience with PCI issuing banks preferred.
  • Technical Knowledge: In-depth understanding of PCI DSS, security frameworks (NIST, ISO 27001, SOC 2), risk management methodologies, cloud environments (AWS and Azure), and secure network architectures.
  • Skills: Strong analytical, problem-solving, and project management skills; ability to communicate effectively with both technical and executive stakeholders.
  • Tools & Technologies: Experience with GRC tools, security compliance platforms, vulnerability management tools, and cloud security.
  • Certifications (Preferred): PCI Professional (PCIP), Qualified Security Assessor (QSA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM).

  • Information Security Specialist

    1 semana atrás

    Sao Paulo, Brasil SumUp Tempo inteiro

    **Information Security Specialist (GRC)** At SumUp our vision is to be a global leader in the FinTech industry and build a world where small businesses can be successful doing what they love. To get there, we are putting together a team that is passionate about what they do, committed to one another and to our merchants. The Information Security Team is a...

  • Information Security Analyst

    Há 5 dias

    São Paulo, São Paulo, Brasil Botcity Tempo inteiro

    Company OverviewBotCity is building the future of automation with the Governance Platform for Python automations and AI Agents. We empower enterprises to innovate at scale, bringing governance, control, and observability to every automation project. Our philosophy is simple: automation is software, and software deserves the same high-code standards that...

  • Consultor de Grc Sênior

    Há 3 dias

    São Paulo, Brasil Redbelt Security Tempo inteiro

    Você será responsável pela condução e implementação de projetos de GRC (Governança, Riscos e Compliance para Segurança Cibernética) junto aos clientes da Redbelt Security, bem como nas áreas internas da empresa, realizando uma avaliação abrangente dos processos, políticas e controles existentes relacionados à governança, riscos e conformidade...

  • Sênior Sap Security Consultant/Analyst

    1 semana atrás

    São Paulo, Brasil Decision Group Tempo inteiro

    Nível Acadêmico: Ensino Superior Completo Turno/Horas -- Áreas de Atuação Profissional: TI - SAP Descrição: Job Description: Senior SAP Security Consultant / Analyst Location: Remote.To cover Brazil, DOP (Dominican Rep) and India.Habilidades: 4-5 Months Demand - FTE Demand Details: 5 Consultants to cover all Regions Key Responsibilities: Lead the...

  • Sênior Sap Security Consultant/Analyst

    Há 5 dias

    São Paulo, Brasil Decision Group Tempo inteiro

    Nível Acadêmico: Ensino Superior Completo Turno/Horas -- Áreas de Atuação Profissional: TI - SAP Descrição: Job Description: Senior SAP Security Consultant / Analyst Location: Remote.To cover Brazil, DOP (Dominican Rep) and India.Habilidades: 4-5 Months Demand - FTE Demand Details: 5 Consultants to cover all Regions Key Responsibilities: Lead the...

  • Consultor GRC Sênior

    Há 7 dias

    São Paulo, São Paulo, Brasil Redbelt Security Tempo inteiro R$90.000 - R$120.000 por ano

    Você será responsável pela condução e implementação de projetos de GRC (Governança, Riscos e Compliance para Segurança Cibernética) junto aos clientes da Redbelt Security, bem como nas áreas internas da empresa, realizando uma avaliação abrangente dos processos, políticas e controles existentes relacionados à governança, riscos e conformidade...

  • Information Security Analyst Ii

    2 semanas atrás

    Sao Paulo, Brasil Sovos Compliance Tempo inteiro

    **The Work You'll Do** The Sovos Information Security Analyst II is tasked with security systems administration and implementation and the investigations and review of system alerts, logs, and reports. This member of the Information Security Team will also assist with the architectural design, planning, and implementation of enterprise operational defenses...

  • Consultor GRC Sênior

    Há 7 dias

    São Paulo, São Paulo, Brasil REDBELT SECURITY Tempo inteiro R$90.000 - R$120.000 por ano

    Você será responsável pela condução e implementação de projetos de GRC (Governança, Riscos e Compliance para Segurança Cibernética) junto aos clientes da Redbelt Security, bem como nas áreas internas da empresa, realizando uma avaliação abrangente dos processos, políticas e controles existentes relacionados à governança, riscos e conformidade...

  • Security Analyst

    3 semanas atrás

    São Paulo, Brasil Bunge Tempo inteiro

    Join to apply for the Security Analyst role at Bunge 2 days ago Be among the first 25 applicants Join to apply for the Security Analyst role at Bunge Location : BAL - SEDECity : Sao PauloState : São Paulo (BR-SP)Country : Brazil (BR)Requisition Number : 40380At Bunge, people don’t just come here to work, they come here to grow – solving challenges that...

  • Sênior SAP Security Consultant/Analyst

    2 semanas atrás

    São Paulo, Brasil Decision group Tempo inteiro

    Nível Acadêmico: Ensino Superior Completo Turno/Horas -- Áreas de Atuação Profissional: TI - SAP Descrição: Job Description: Senior SAP Security Consultant / Analyst Location: Remote. To cover Brazil, DOP (Dominican Rep) and India. Habilidades: 4-5 Months Demand - FTE Demand Details: 5 Consultants to cover all Regions Key Responsibilities: Lead the...