Enable job alerts via email!
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
CI&T, un leader en transformation technologique, recherche un Senior GRC Security Analyst pour gérer et améliorer les processus de gestion des risques de cybersécurité. Ce poste clé nécessite une personne proactive, capable de naviguer dans des environnements réglementaires complexes et de collaborer avec diverses équipes. Les candidats doivent avoir une maîtrise de l'anglais, d'excellentes compétences en communication et une forte capacité analytique.
We are tech transformation specialists, uniting human expertise with AI to create scalable tech solutions.
With over 7,400 CI&Ters around the world, we’ve built partnerships with more than 1,000 clients during our 30 years of history. Artificial Intelligence is our reality.
Hi There, This isLaura from CI&T!
I am a Talent Attracting Analyst looking for people located in Colombia for a Senior GRC Security Analyst to join our team. The GRC Security Analyst will play a key role in maintaining and enhancing our Cybersecurity Risk Management Process while ensuring adherence to industry standards and regulatory requirements in the medical device sector. This position requires a detail-oriented and proactive individual.
Responsibilities:
- Enterprise Cybersecurity Risk Management: Continuously identify, log, and analyze control nonconformities and unresolved/high-risk vulnerabilities across different sources. Maintain the Risk Registry and deliver timely risk treatment updates and reports to stakeholders.
- Third-party Cybersecurity Risk Assessments: Executed annually, ensuring alignment with internal risk standards and external compliance requirements.
- Cybersecurity Controls Management: Maintain and enhance the cybersecurity control framework by mapping existing controls, collecting evidence of execution, identifying gaps or nonconformities, and aligning overlapping requirements under a unified structure. Ensure adherence to frameworks such as HITRUST, HIPAA, Spain ENS certification.
- Policies and Procedures Development: Create and maintain cybersecurity-related policies and procedures. Ensure documentation complies with regulatory and contractual standards.
Requirements for this challenge:
- Advanced english for communication with international clients
- Excellent communication skills, with the ability to collaborate effectively with technical and non-technical stakeholders.
- Strong analytical and problem-solving skills, with the ability to make informed decisions in high-pressure situations.
- Conduct cybersecurity risk assessments, identify potential vulnerabilities, and recommend strategies to mitigate risks.
- Collaborate with cross-functional teams to ensure that GRC policies, procedures, and controls are effectively communicated and implemented.
- Lead efforts to maintain and update documentation related to GRC processes, including risk assessments, policies, and procedures.
- Participate in internal and external audits, providing support and documentation as needed to demonstrate compliance.
- Strong understanding of GRC frameworks, industry standards, and regulatory requirements.
- Excellent analytical skills, attention to detail, and the ability to work independently and in cross-functional teams.
We are looking forward to receiving your application and working together to drive our success.
#LI-LO1
Our benefits include:
- Premium Healthcare
- Meal voucher
- Maternity and Parental leaves
- Mobile services subsidy
- Sick pay-Life insurance
- CI&T University
- Colombian Holidays
- Paid Vacations
And many others.
Collaboration is our superpower, diversity unites us, and excellence is our standard.
We value diverse identities and life experiences, fostering a diverse, inclusive, and safe work environment. We encourage applications from diverse and underrepresented groups to our job positions.