Director, Information Security Risk Management

2 weeks ago


São Paulo, São Paulo, Brazil | Iqvia | Full time

**Job Overview**
- Leading risk-related projects
- Maintaining ongoing testing and development of Information Security Risk Management framework, liaising with senior stakeholders and providing regular updates to stakeholders.
- Producing risk reports when required
- Working closely with other senior leaders within the team regarding training and guidance to support the business.
- Working with Business Units and stakeholders to ensure adequate, cost-effective and timely protection/risk transfer for business activities.
- Creating a Supplier Risk Management Framework

**Key Responsibilities**:

- Own the development and integration of the Information Security Risk Management Framework, Risk Appetite Statements, and Risk Policies and Procedures across the organization.
- Work closely with business and senior management to identify and manage risks aligned with the organization's strategy and risk appetite.
- Provide strategic and tactical guidance to business decision-makers.
- Contribute to a strong governance structure and risk management across all business entities.
- Assess the impact of emerging risks and regulations, providing input and support for pragmatic solutions.
- Establish a comprehensive risk reporting system and process.
- Assist in remediating risks identified through established processes and procedures.
- Provide recommendations for remediation based on the reviews and risk assessments performed.
- Assist key business stakeholders in identifying and responding effectively to risk.
- Define key risk and performance indicators (KRIs/KPIs) for evaluating risk management performance.
- Integrate business continuity and crisis management into the organization's risk management strategies.
- Support the configuration of the TPRM & Risk Management solution for consistency with local processes.
- Assist in reviewing third parties, including due diligence reviews.
- Perform review of vendor engagements, understanding the functions of effective third-party risk.

**Qualifications**:

- Bachelor's degree in Computer Science, a related field, or equivalent experience required.
- 10 years of experience within the information security domain managing Risk frameworks.
- Deep understanding and demonstrated experience of end-to-end risk management lifecycle, including key components and their relationships with internal and external stakeholders.
- Experience in non-financial/operational risk - developing and implementing risk frameworks, policies, and procedures.
- Demonstrated experience leading risk management workshops, obtaining and synthesizing inputs from technical and non-technical stakeholders throughout the enterprise.
- Experience in conducting Third Party reviews is advantageous.
- Experience operating as part of a GRC program in alignment with common information technology management frameworks such as NIST, ITIL, ISO 27001, etc.
- Security-related qualifications such as CISM, CISSP, or CRISC are a plus.


