Cyber Security Governance

hace 4 semanas

Desde casa, Colombia J.S. Held A tiempo completo

and The Company

**Are you looking to join an organization that is growing and dynamic? What about a high-energy, collaborative environment that rewards hard work?**

J.S. Held is a global consulting firm providing technical, scientific, and financial expertise across all assets and value at risk. Our professionals serve as trusted advisors to organizations facing high-stakes events demanding urgent attention, staunch integrity, clear-cut analysis, and an understanding of both tangible and intangible assets. The firm provides a comprehensive suite of services, products, and data that enable clients to navigate complex, contentious, and often catastrophic situations**. **We have over 100 locations worldwide. We are highly committed to all members of our community, both employees and clients. Our organization focuses on promoting a sense of community and inspiring our people to achieve results that exceed goals.

The Team and Job Summary

**_ Please submit your resume in English._**

Job Responsibilities

The Cyber Security Governance & Risk Analyst will support the GRC Team to drive the design, implementation, and ongoing delivery of:

- Formal Cyber Security Risk Management.
- Cyber Security Policies.
- Cyber Security Compliance.
- Participate in the review and assessment of third-party vendor security controls to ensure compliance with Cyber Security standards.
- Third Party Risk Assessments.
- DR/BCP.
- Help monitor and ensure compliance with relevant regulatory requirements, such as GDPR, HIPAA, ISO 27001, CMMC, NIST CSF.
- Support the development of training and awareness programs for employees to promote a security-conscious culture and adherence to J.S. Held
- Assist in coordinating internal and external audits and examinations related to Compliance and Cyber Security
- Aid in the preparation and presentation of GRC reports, metrics, and key performance indicators as needed.
- Coordinate annual external penetration test and security assessments utilizing 3rd party.
- Contribute to incident response activities, including updating the directory, documenting and reporting security incidents, and participating in post-incident analysis to identify areas of improvement.
- Stay updated on emerging Cyber Security trends, regulatory changes, and industry standards to assist in keeping the organization's GRC practices current and effective.
- Asset Compliance Management.

Required Qualifications
- Professional Level / Full English Fluency (B2).
- Experienced building and executing technology risk frameworks, assessments, reports, metrics, KRIs, and utilizing risk management tools to analyze and model risk. Ability to align frameworks and policies to address requirements from frameworks like COBIT, NIST CSF and ISO, and regulations such as GDPR, HIPAA NY-500, and CCPA.
- Experience designing and evaluating Cyber Security processes, risks, and controls.
- Technical knowledge of Azure, Azure AD, O365, Windows 10/11, iOS, and technical controls us to secure Technology assets (Data, Client and Server OS, Network, Applications, SaaS, IaaS, etc.)
- Hands-on Cyber Security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies, and regulations.
- Strong oral and written communications skills appropriate for interacting with all levels of staff, vendors, and other stakeholders.
- Ability to develop security standards and guidelines based on best practices and industry standards.
- Excellent interpersonal, communication, and presentation skills, including formal report writing experience.
- Proficiency in analyzing security risks, vulnerabilities, and controls within an IT environment.
- Capability to work on multiple tasks with shifting and sometimes conflicting priorities.
- Able to work effectively with other departments to develop effective and efficient solutions.
- Experience designing and implementing information technology processes.
- Demonstrated experience successfully collaborating with remote colleagues.
- Experience working with vendors or managing vendor relationships.
- Experience collaborating with Application, Infrastructure, Network, HelpDesk, and Security teams.
- Ability to deal with ambiguity and flexibility to work collaboratively with others in a dynamic environment.

Preferred Qualifications
- Bachelor’s degree in Computer Science or similar.
- Minimum 8 years of experience in IT Audit, Risk Management or Compliance
- 5+ years (required) Cyber Security
- 3+ years (required) Cyber Security - Governance, Risk and Compliance (GRC)
- Professional certifications such as CISA, CompTIA Security+, COBIT, CISM are a plus.

Physical and Mental Job Qualifications
- Prolonged periods sitting at a desk and working on a computer.

J.S. Held is dedicated to becoming the global leader in providing multi-disciplinary consulting services to the construction, government, healthcare, industrial, insurance, energy, legal, and technology, communities. We have diver

  • Cyber Security Analyst

    hace 2 semanas

    Desde casa, Colombia TheHive A tiempo completo

    POSITION:Cyber Security AnalystSECTION/UNIT:Technology TeamReports to: Chief Technology OfficerSupervises:N/AJOB PURPOSEThe Cyber Security Analyst will be responsible for protecting all of the companys hardware, software, and networks from cybercriminals. The analyst's primary role will be to understand the company IT infrastructure in detail in order to...

  • Director, Data Governance and Operations

    hace 3 días

    Desde casa, Colombia Zayo Group A tiempo completo

    Company Description Zayo provides mission-critical bandwidth to the world’s most impactful companies, fueling the innovations that are transforming our society. Zayo’s 141,000-mile network in North America and Europe includes extensive metro connectivity to thousands of buildings and data centers. Zayo’s communications infrastructure solutions include...

  • Director, Application

    hace 7 días

    Desde casa, Colombia Zayo Group A tiempo completo

    Company Description Zayo provides mission-critical bandwidth to the world’s most impactful companies, fueling the innovations that are transforming our society. Zayo’s 141,000-mile network in North America and Europe includes extensive metro connectivity to thousands of buildings and data centers. Zayo’s communications infrastructure solutions include...

  • Director, Data Governance and Operations

    hace 2 semanas

    Desde casa, Colombia Zayo Group A tiempo completo

    Company DescriptionZayo provides mission-critical bandwidth to the world's most impactful companies, fueling the innovations that are transforming our society. Zayo's 141,000-mile network in North America and Europe includes extensive metro connectivity to thousands of buildings and data centers. Zayo's communications infrastructure solutions include dark...

  • Global Security Monitoring Analyst

    hace 2 semanas

    Desde casa, Colombia Teleperformance A tiempo completo

    Overview: The GSM Analyst shall identify, collect, and analyze host and user data, and report and track events or incidents that occur or might occur within a network to mitigate immediate and potential network and host threats.Responsibilities: Review security focused events or alerts within the Teleperformance environment. Receive and analyze Data Loss...

  • Senior Security Engineer

    hace 6 días

    Desde casa, Colombia GoDaddy A tiempo completo

    **Location Details**: Remote - Colombia** **Remote**: This is a remote position, so you’ll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or offsites. **Join our Team** Our Pagely security team is seeking a Senior Security Engineer (SSE) to join our platform security team to protect our...

  • Security Analyst

    hace 4 semanas

    Desde casa, Colombia Zoom Video Communications, Inc. A tiempo completo

    About This Role About the Team The Security Operations Center (SOC) team at Zoom is the first line of defense for security incidents and threats to Zoom. This team is vital to ensuring a safe and secure experience for Zoom customers. About The Role As a Security Analyst reporting to our SOC Manager, you’ll assist in leading a team in response as you...

  • Information Security Risk Specialist

    hace 6 días

    Desde casa, Colombia Convergenz A tiempo completo

    Minimum Qualifications: Experience with NIST special publications and FIPS Experience with information security and assurance principles, including the NIST Cybersecurity Framework Experience with assisting and leading efforts involving the development and interpretation of SOPs, directives and other guidance documents. Experience with assessing NIST...

  • Security Analyst

    hace 2 semanas

    Desde casa, Colombia Zoom Video Communications, Inc. A tiempo completo

    About This RoleAbout the TeamThe Security Operations Center (SOC) team at Zoom is the first line of defense for security incidents and threats to Zoom. This team is vital to ensuring a safe and secure experience for Zoom customers.About The RoleAs a Security Analyst reporting to our SOC Manager, you'll assist in leading a team in response as you investigate...

  • Information Security Risk Specialist

    hace 2 semanas

    Desde casa, Colombia Convergenz A tiempo completo

    Minimum Qualifications:Experience with NIST special publications and FIPSExperience with information security and assurance principles, including the NIST Cybersecurity FrameworkExperience with assisting and leading efforts involving the development and interpretation of SOPs, directives and other guidance documents.Experience with assessing NIST security...

  • Security Researcher

    hace 3 semanas

    Desde casa, Colombia Sonatype A tiempo completo

    Sonatype is the software supply chain management company. We're on a mission to change how the world innovates by making software development easier. From running the world's largest repository of Java open-source components (Maven Central) to inventing componentized software development and then software supply chain management to creating the only solution...

  • Senior Security Engineer

    hace 2 semanas

    Desde casa, Colombia GoDaddy A tiempo completo

    Location Details: Remote - Colombia**Remote: This is a remote position, so you'll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or offsites.Join our TeamOur Pagely security team is seeking a Senior Security Engineer (SSE) to join our platform security team to protect our platforms against...

  • DevOps Project Manager

    hace 3 semanas

    Desde casa, Colombia Doit Security A tiempo completo

    **C**ompany Description** **Doit Security** collaborates closely with established cloud security enterprises, contributing significantly to the evolution of the emerging SASE (Secure Access Service Edge) category. Our dedication lies in providing top-tier enterprise services that resonate on a global scale. **Doit Security** was established in 2021 to...

  • Associate Security Researcher

    hace 1 semana

    Desde casa, Colombia Sonatype A tiempo completo

    Sonatype is the software supply chain management company. We're on a mission to change how the world innovates by making software development easier. From running the world's largest repository of Java open-source components (Maven Central) to inventing componentized software development and then software supply chain management to creating the only solution...

  • Frontend Developer

    hace 3 semanas

    Desde casa, Colombia Doit Security, Inc. A tiempo completo

    **Company Description** DOIT Security stands at the forefront of cloud security innovation in the burgeoning SASE category. We take pride in our excellence in reinforcing cyber defenses, mitigating data exfiltration risks, and driving cost efficiency through operational optimization. Our mission is not only to secure but also to enhance the enterprise user...

  • Cyber Security Analyst

    hace 2 semanas

    Desde casa, Colombia STEFANINI LATAM A tiempo completo

    Se parte de StefaniniEn Stefanini somos más de genios, conectados desde 41 países, haciendo lo que les apasiona y co-creando un futuro mejor.Seguro no te quieres quedar fueraResponsabilidades y atribucionesDirigir, planificar y controlar los proyectos de ciberseguridad y seguridad de la informacióndentro del alcance, presupuesto y plazos...

  • Cyber Security Analyst

    hace 4 semanas

    Desde casa, Colombia STEFANINI LATAM A tiempo completo

    ¡Se parte de Stefanini! En Stefanini somos más de 30.000 genios, conectados desde 41 países, haciendo lo que les apasiona y co-creando un futuro mejor. ¡Seguro no te quieres quedar fuera! **Responsabilidades y atribuciones** Dirigir, planificar y controlar los proyectos de ciberseguridad y seguridad de la información dentro del alcance, presupuesto...

  • DevOps Engineer

    hace 3 semanas

    Desde casa, Colombia Partner One Capital A tiempo completo

    Fidelis is a leading global provider of advanced threat detection and response solutions. We empower organizations to combat cyber threats with confidence through our innovative technologies and comprehensive cybersecurity expertise. Our solutions enable enterprises to proactively identify, hunt down, and neutralize sophisticated cyber threats, ensuring the...

  • Open Source Vulnerability Security Researcher

    hace 4 semanas

    Desde casa, Colombia Sonatype A tiempo completo

    Sonatype is the software supply chain management company. We're on a mission to change how the world innovates by making software development easier. From running the world's largest repository of Java open source components (Maven Central) to inventing componentized software development, and then software supply chain management, to creating the only...

  • Director, Application

    hace 2 semanas

    Desde casa, Colombia Zayo Group A tiempo completo

    Company DescriptionZayo provides mission-critical bandwidth to the world's most impactful companies, fueling the innovations that are transforming our society. Zayo's 141,000-mile network in North America and Europe includes extensive metro connectivity to thousands of buildings and data centers. Zayo's communications infrastructure solutions include dark...