Empleos actuales relacionados con Information Security Analyst - Bogotá Cundinamarca - Rainforest Alliance

  • Information Security Analyst

    hace 3 días

    Bogotá, Cundinamarca, Colombia Scotiabank A tiempo completo

    Requisition ID: 232261Thanks for your interest in ScotiaTech, Scotiabank's new and innovative Technology hub in Bogota.Join a purpose driven winning team that promotes creativity and innovation in a fast-paced environment, where we're always committed to results, in an inclusive, diverse, and high-performing culture.Information Security Associate, Privileged...

  • Information Security Analyst

    hace 1 semana

    Bogotá, Colombia Scotiabank A tiempo completo

    Information Security Associate, Privileged Access Management (PAM) Scotiabank’s Information Security & Control (IS&C)’s Global Identity and Access Management group is responsible for development, management and governance of logical access control to the bank’s information systems. Privileged Access Management (PAM) is a unit in the identity and access...

  • Information Security Analyst

    hace 2 días

    Bogotá, Colombia Scotiabank A tiempo completo

    Requisition ID: 232261 Thanks for your interest in ScotiaTech, Scotiabank's new and innovative Technology hub in Bogota. Join a purpose driven winning team that promotes creativity and innovation in a fast-paced environment, where we’re always committed to results, in an inclusive, diverse, and high-performing culture. **Information Security Associate,...

  • Information Security Analyst

    hace 2 semanas

    Bogotá, Distrito Capital, Colombia Scotiabank A tiempo completo

    Requisition ID: Thanks for your interest in ScotiaTech, Scotiabank's new and innovative Technology hub in Bogota. Join a purpose driven winning team that promotes creativity and innovation in a fast-paced environment, where we’re always committed to results, in an inclusive, diverse, and high-performing culture. Information Security Associate, Privileged...

  • Information Security Operations Analyst

    hace 2 semanas

    Bogotá, Colombia Mastercard A tiempo completo

    **Our Purpose** - Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation,...

  • Information Security Manager

    hace 2 días

    Bogotá, Colombia Edgeuno A tiempo completo

    EdgeUno is seeking an experienced and proactive **Information Security Manager** to lead the company’s global cybersecurity and information security risk management initiatives. This role will partner closely with IT, Engineering, Operations, and Executive teams to own and mature EdgeUno’s end-to-end **Information Security Program**, ensuring...

  • Information Security Engineer

    hace 1 semana

    Bogotá, Cundinamarca, Colombia Quorum Business Solutions A tiempo completo

    Information Security EngineerLocation: Bogota, ColombiaModel of Work: HybridPlease Submit your CV/Resumé in EnglishAre you excited by challenges? Do you enjoy working in a fast-paced, international, and dynamic environment which contributes to drive the energy transition? Then now is the time to join Quorum Software, a rapidly growing technology &...

  • Information Security Principal Engineer-remote

    hace 5 días

    Bogotá, Cundinamarca, Colombia TTEC A tiempo completo

    Information Security Principal Engineer-Remote Be the spark that brightens days and ignites your career with TTEC’s award-winning employment experience. As an Information Security Principal Engineer working remotely in Colombia, you’ll be a part of bringing humanity to business. #experienceTTEC Our employees have spoken. Our purpose, team, and company...

  • MDR Security Analyst

    hace 1 semana

    Bogotá, Bogotá D.E., Colombia Cato Networks A tiempo completo

      We are seeking a highly energetic and talented security analyst to join Cato Networks' Managed Detection and Response (MDR) team. As an MDR security analyst, your primary responsibility will be to identify and respond to security threats across our service customers. You will utilize the groundbreaking Cato Threat Hunting System to proactively seek out...

  • Senior Security Analyst

    hace 3 semanas

    Bogotá, Colombia B. Braun Melsungen AG A tiempo completo

    Senior Security Analyst Functional Area: Information Technology Working Model: Hybrid Requisition ID: 8609 You’re an important part of our future. Hopefully, we’re also a part of your future! At B. Braun, we protect and improve the health of people worldwide. You support this vision, bringing expertise and sharing innovation, efficiency and...

Information Security Analyst

hace 3 semanas

Bogotá Cundinamarca, Colombia Rainforest Alliance A tiempo completo

The Opportunity:

We are seeking an experienced and highly motivated Information Security Analyst to join our security team.

This role will be critical in protecting our digital assets, detecting and responding to security incidents, and ensuring the continuous improvement of our security posture.

You will work proactively to identify security risks, develop, and implement security frameworks, and ensure the integrity and confidentiality of our IT systems and data.

The successful candidate will be responsible for all KPIs related to cyber security. You will be expected to coordinate implementation of all information security related processes in conjunction with others at Rainforest Alliance. You will also be handling and coordinating task/activities by firms/individuals contracted to provide information security services, working to ensure peers, senior and junior colleagues deliver necessary environment improvements effectively and expediently.

The ideal candidate will have a strong technical background and confirmed hands-on experience in securing Microsoft cloud environments (Azure, Entra ID, Microsoft 365, Purview, Defender Suite), implementing endpoint hardening strategies, and using advanced security tools.

Key Responsibilities:

Security Operations & Incident Response:

  • Participate in security incident response activities, including investigation, containment, eradication, recovery, and post-incident analysis.
  • Monitor security alerts from various sources (SIEM, EDR, cloud logs) and respond to security incidents in a timely manner.
  • Develop and maintain security documentation, including procedures, runbooks, and incident response plans.
  • Conduct vulnerability assessments and assist in penetration testing remediation efforts.

Security Awareness & Training:

  • Contribute to the development and delivery of security awareness training for employees, acting as a domain authority for security best practices.

Collaboration:

  • Work closely with all IT teams, Enterprise Architecture, PMO and other stakeholders to ensure security is integrated into all aspects of our infrastructure and applications at the design and requirements stage.
  • Through reporting, monitoring and alerting, find opportunities for automation and improvement of RA security posture, including exception handling of threat alerts, patches, system and software vulnerabilities.

Reporting:

  • Creation of weekly and monthly reporting packs, demonstrating rolling position on vulnerabilities, threats, progress against plan on key security initiatives.

Risk Management:

  • Conduct risk assessments and participate in security design reviews to ensure appropriate mitigations are in place for new services and system changes (shifting security left).

Azure Security:

  • Administer and configure Azure security services (e.g., Azure Security Centre/Defender for Cloud, Defender for Endpoint, Azure Network Security Groups, Azure Key Vault, Azure Firewall etc).
  • Monitor Azure environments for security threats, vulnerabilities, and misconfigurations.
  • Implement and make sure security best practices within Azure IaaS and PaaS deployments, audit Azure resources for compliance.

Entra ID (Azure AD) Security:

  • Lead and secure Entra ID (Azure Active Directory) including Conditional Access Policies, Multi-Factor Authentication (MFA), Identity Governance, and Privileged Identity Management (PIM).
  • Monitor Entra ID for suspicious activity and unauthorised access attempts.
  • Implement Zero Trust principles, ensuring least privilege access, secure authentication flows, and continuous risk-based conditional access.

Microsoft 365 Administration & Security:

  • Secure Microsoft 365 services (Exchange Online, SharePoint Online, OneDrive, Teams, etc.), looking after user access, data governance, and threat protection within the Microsoft 365 ecosystem.
  • Configure and optimise Microsoft 365 security features (e.g., Defender for Office 365, Data Loss Prevention (DLP), Microsoft Purview + compliance policies).

Endpoint Hardening:

  • Develop, implement, and maintain security baselines and hardening standards for endpoints (Windows, macOS, Linux).
  • Configure and handle Microsoft Entra Domain Services based Group Policies (GPOs) and equivalent Mobile Device Management (MDM) solutions for security settings.
  • Ensure secure configuration and patch management across all endpoints.
  • Report on exceptions to relevant Team Managers and ensure mitigation is undertaken, through regular engagement.

XDR:

  • Administer, configure, and optimise RA's XDR service, currently Crowdstrike Falcon but planned for migration to Microsoft Defender XDR.
  • Monitor alerts and dashboards for endpoint security incidents and threats, perform threat hunting and incident response activities using CrowdStrike data.
  • Develop and refine custom detections and response playbooks within CrowdStrike.

Vulnerability Scanning:

  • Identify and prioritise remediation of CVE-aligned vulnerabilities
  • Provide reporting to IT leadership on progress against remediation targets
  • Notify IT teams of emerging high/critical vulnerabilities and coordinate remediation planning
  • Devise reporting dashboards for senior IT leadership

Required Qualifications:

  • Minimum of 3 years of hands-on experience in an information security role.
  • Proven working experience and deep understanding of Azure security services and best practices.
  • Extensive hands-on experience with Entra ID (Azure Active Directory) and Microsoft 365 security administration.
  • Demonstrable experience with endpoint hardening methodologies and implementation.
  • Hands-on administration and operational experience with CrowdStrike Falcon platform.
  • Experience with security incident response and threat hunting.
  • Solid understanding of networking concepts.
  • Familiarity with security frameworks (e.g., Cyber Essentials, NIST, ISO
  • Excellent analytical, problem-solving, and communication skills.
  • Ability to work independently and as part of a team in a fast-paced environment.

Preferred Qualifications:

  • Relevant security certifications (e.g., AZ-500 Microsoft Certified: Azure Security Engineer Associate, SC-200 Microsoft Certified: Security Operations Analyst Associate, CompTIA Security+, CISSP, GIAC certifications).
  • Experience with scripting languages (e.g., PowerShell, Python) for automation and security tasks.
  • Knowledge of cloud security posture management (CSPM) tools.
  • Demonstrable experience with other EDR/XDR solutions.
  • Understanding of regulatory and technical compliance requirements (e.g., GDPR, HIPAA, PCI DSS, CIS, NIST, ISO27001).

Level: 4

Deadline: 26 December 2025

Salary: Commensurate with experience

Notes: Only candidates legally authorized to work in Colombia will be considered.

If you have any questions about the job vacancy, please contact the HR department:

The Rainforest Alliance encourages diversity and inclusion across the global organization. With this commitment to diversity, we are proud to be an equal opportunity employer and do not discriminate on the basis of gender, race, color, ethnicity, religion, sexual orientation, gender identity, ages, disability and any other protected group.