Our Client
Our client is a global leader in Testing, Inspection and Certification (TIC), delivering high quality services to help clients meet the growing challenges of quality, safety, environmental protection, and social responsibility. We are hiring a Compliance And Privacy Specialist to join the global security team.
Your FunctionsTo support the Cybersecurity GRC Manager in implementing and maintaining the organization's cybersecurity strategy, with a focus on compliance, privacy, and risk management aligned with NIST CSF, ISO 27001, and privacy regulations.
Key Responsibilities:Compliance and Privacy Management:
• Manage internal compliance frameworks for Privacy and NIST CSF
• Translate security policies into actionable plans for users, project teams, and businesses
• Support implementation and maintenance of ISO 27001 certification
• Ensure compliance with privacy regulations (GDPR, LGPD, CPRA, etc.)Risk Assessment and Management:
• Perform risk analyses for internal projects and new business applications
• Conduct cloud risk analyses and provide security recommendations
• Support the Cybersecurity GRC Manager in maintaining the organization's risk registerAudit and Assessment:
• Participate in the internal audit program, focusing on privacy and NIST CSF compliance
• Improve audit methodologies and manage audit schedules
• Perform privacy audits and NIST CSF assessmentsSecurity by Design:
• Implement and manage the "security by design" framework
• Advise project teams on security measures from project initiation to go-live
• Provide guidance on secure application developmentStakeholder Management:
• Act as a point of contact for business teams on cybersecurity topics
• Manage and respond to clients' security questionnaires
• Conduct security maturity reviews and provide recommendationsContinuous Improvement:
• Stay updated on the latest developments in information security standards and ecosystem
• Contribute to the development of an ISS knowledge base within the organization
• Support the implementation of security programs (e.g., data classification, DLP)Position RequisitesFormación: GradoIdiomas: Inglés: C1Conocimientos: GDPR, ISO 27001Experiencia: 3 añosEducation:
Master's degree in Computer Science, Information Security, or related field
Relevant certifications (e.g., CISSP, CISM, ISO 27001 Lead Auditor, NIST CSF Practitioner)
Experience:
5+ years of experience in cybersecurity, with a focus on compliance and privacy
Experience in implementing/auditing ISO 27001, NIST CSF, and privacy regulations
Experience in information systems risk evaluation and compliance program implementation
#J-18808-Ljbffr