Grc Analyst - Colombia

Detalles de la oferta

Due to the continued growth of our organisation and our focus on strengthening governance, risk management, and compliance (GRC), we are seeking an experienced GRC Analyst to join our multidisciplinary IT, Security, and Compliance team. This role will be responsible for covering a wide variety of GRC activities and supporting the groups' compliance with various security standards and will report directly to the Head of IT & Security. Tasks & Responsibilities: Develop, implement, and maintain the Information Security Management System (ISMS) to ensure comprehensive GRC coverage across the organisation. Ensure conformance to necessary security standards (e.g., ISO 27001, ISO 27701) for all systems managed by IT, Security, and technical teams. Support risk management activities and lead audit preparations, including conducting business continuity exercises and maintaining documentation. Develop, update, and enforce information security policies, procedures, and guidelines to ensure compliance and mitigate risks. Lead internal audits and support external assessments against adopted security standards (ISO 27001, ISO 27701, GDPR, etc.). Manage vendor security and data privacy questionnaires, coordinating responses from internal teams to ensure timely completion. Regular interaction with members of the Service Delivery Team and members of IT staff in matters related to information security and security awareness materials. Liaise with service delivery areas to ensure Security incident and privilege access management processes are effective and have been implemented in the Service Delivery areas. Requirements Minimum Requirements: 3+ years of experience in a GRC role or similar capacity. Proven experience in executing and managing internal and external ISO audits. Strong skills in writing high-quality documentation, audit reports, and compliance summaries. Agile and adaptable to changing business and regulatory priorities. Experience working in a global, collaborative, and often virtual team environment. Proficient in IT governance, security frameworks, and audit methodologies (e.g., ISO, GDPR, etc.). Excellent written and verbal communication skills in English. Previous experience working with NIST CSF / NIST 800-53. Nice to have qualifications: Certified Internal Auditor (ISO 27001, ISO 27701, or equivalent) preferred. Experience with FedRAMP is highly desirable. Familiarity with quality management systems, such as ISO 9001, is a plus. #J-18808-Ljbffr


Salario Nominal: A convenir

Fuente: Whatjobs_Ppc

Requisitos

Administrador Sql Server

Nos encontramos en la búsqueda de un colaborador para cubrir la vacante de Administrador SQL para insertarse en el equipo de trabajo, en el área de Base de D...


Novatium - Colombia

Publicado a month ago

Desarrollador Junior

En Newo estamos en búsqueda de talentos como tú. Buscamos tecnólogo y/o ingeniero en sistemas, software o áreas similares. Funciones: - Participar en el a...


New World Company Sas - Colombia

Publicado a month ago

Residente De Sistemas 314041.132335

**Descripción empresa**: El Servicio de Empleo operado por Comfama es la plataforma que conecta a las personas con las empresas que ofrecen oportunidades lab...


Servicio De Empleo Comfama - Colombia

Publicado a month ago

Analista De Innovación

**PROPÓSITO / MISIÓN**: **Implementar las estrategias definidas por el Negocio de Galletas, para desarrollar la capacidad de innovación, dentro del marco del...


Cia De Galletas Noel - Colombia

Publicado a month ago

Built at: 2024-11-11T13:24:24.461Z