[Job-23160] Senior GRC Security Specialist, Brazil
Brazil
We are tech transformation specialists, uniting human expertise with AI to create scalable tech solutions.With over 7.400 CI&Ters around the world, we’ve built partnerships with more than 1,000 clients during our 30 years of history. Artificial Intelligence is our reality.
Hi There, This is Laura from CI&T!
I am a Talent Attracting Analyst looking for people located in Brazil for a Senior GRC Security Analyst to join our team. The GRC Security Analyst will play a key role in maintaining and enhancing our Cybersecurity Risk Management Process while ensuring adherence to industry standards and regulatory requirements in the medical device sector. This position requires a detail-oriented and proactive individual.
Responsibilities:- Enterprise Cybersecurity Risk Management: Continuously identify, log, and analyze control nonconformities and unresolved/high-risk vulnerabilities across different sources. Maintain the Risk Registry and deliver timely risk treatment updates and reports to stakeholders.- Third-party Cybersecurity Risk Assessments: Executed annually, ensuring alignment with internal risk standards and external compliance requirements.- Cybersecurity Controls Monitoring: Maintain and enhance the cybersecurity control framework by mapping existing controls, collecting evidence of execution, identifying gaps or nonconformities, and aligning overlapping requirements under a unified structure. Ensure adherence to frameworks such as HITRUST, HIPAA, Spain ENS certification.- Policies and Procedures Development: Create and maintain cybersecurity-related policies and procedures. Ensure documentation complies with regulatory and contractual standards.
Requirements for this challenge:- Advanced english for communication with international clients - Excellent communication skills, with the ability to collaborate effectively with technical and non-technical stakeholders.- Strong analytical and problem-solving skills, with the ability to make informed decisions in high-pressure situations.- Conduct cybersecurity risk assessments, identify potential vulnerabilities, and recommend strategies to mitigate risks.- Collaborate with cross-functional teams to ensure that GRC policies, procedures, and controls are effectively communicated and implemented.- Lead efforts to maintain and update documentation related to GRC processes, including risk assessments, policies, and procedures.- Participate in internal and external audits, providing support and documentation as needed to demonstrate compliance.- Strong understanding of GRC frameworks, industry standards, and regulatory requirements.- Excellent analytical skills, attention to detail, and the ability to work independently and in cross-functional teams.
We are looking forward to receiving your application and working together to drive our success.
#LI-LO1
Our benefits:
-Health and dental insurance-Meal and food allowance-Childcare assistance-Extended paternity leave-Partnership with gyms and health and wellness professionals via Wellhub (Gympass) TotalPass;-Profit Sharing and Results Participation (PLR);-Life insurance-Continuous learning platform (CI&T University);-Discount club-Free online platform dedicated to physical, mental, and overall well-being-Pregnancy and responsible parenting course-Partnerships with online learning platforms-Language learning platformAnd many more!
More details about our benefits here: https://ciandt.com/br/pt-br/carreiras
At CI&T, inclusion starts at the first contact. If you are a person with a disability, it is important to present your assessment during the selection process. This way, we can ensure the support and accommodations that you deserve. If you do not yet have the assessment, don't worry: we can support you in obtaining it.
We have a dedicated Health and Well-being team, inclusion specialists, and affinity groups who will be with you at every stage. Count on us to make this journey side by side.
Hi There, This is Laura from CI&T!
I am a Talent Attracting Analyst looking for people located in Brazil for a Senior GRC Security Analyst to join our team. The GRC Security Analyst will play a key role in maintaining and enhancing our Cybersecurity Risk Management Process while ensuring adherence to industry standards and regulatory requirements in the medical device sector. This position requires a detail-oriented and proactive individual.
Responsibilities:- Enterprise Cybersecurity Risk Management: Continuously identify, log, and analyze control nonconformities and unresolved/high-risk vulnerabilities across different sources. Maintain the Risk Registry and deliver timely risk treatment updates and reports to stakeholders.- Third-party Cybersecurity Risk Assessments: Executed annually, ensuring alignment with internal risk standards and external compliance requirements.- Cybersecurity Controls Monitoring: Maintain and enhance the cybersecurity control framework by mapping existing controls, collecting evidence of execution, identifying gaps or nonconformities, and aligning overlapping requirements under a unified structure. Ensure adherence to frameworks such as HITRUST, HIPAA, Spain ENS certification.- Policies and Procedures Development: Create and maintain cybersecurity-related policies and procedures. Ensure documentation complies with regulatory and contractual standards.
Requirements for this challenge:- Advanced english for communication with international clients - Excellent communication skills, with the ability to collaborate effectively with technical and non-technical stakeholders.- Strong analytical and problem-solving skills, with the ability to make informed decisions in high-pressure situations.- Conduct cybersecurity risk assessments, identify potential vulnerabilities, and recommend strategies to mitigate risks.- Collaborate with cross-functional teams to ensure that GRC policies, procedures, and controls are effectively communicated and implemented.- Lead efforts to maintain and update documentation related to GRC processes, including risk assessments, policies, and procedures.- Participate in internal and external audits, providing support and documentation as needed to demonstrate compliance.- Strong understanding of GRC frameworks, industry standards, and regulatory requirements.- Excellent analytical skills, attention to detail, and the ability to work independently and in cross-functional teams.
We are looking forward to receiving your application and working together to drive our success.
#LI-LO1
Our benefits:
-Health and dental insurance-Meal and food allowance-Childcare assistance-Extended paternity leave-Partnership with gyms and health and wellness professionals via Wellhub (Gympass) TotalPass;-Profit Sharing and Results Participation (PLR);-Life insurance-Continuous learning platform (CI&T University);-Discount club-Free online platform dedicated to physical, mental, and overall well-being-Pregnancy and responsible parenting course-Partnerships with online learning platforms-Language learning platformAnd many more!
More details about our benefits here: https://ciandt.com/br/pt-br/carreiras
At CI&T, inclusion starts at the first contact. If you are a person with a disability, it is important to present your assessment during the selection process. This way, we can ensure the support and accommodations that you deserve. If you do not yet have the assessment, don't worry: we can support you in obtaining it.
We have a dedicated Health and Well-being team, inclusion specialists, and affinity groups who will be with you at every stage. Count on us to make this journey side by side.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Category:
Compliance Jobs
Tags: Artificial Intelligence Audits Compliance HIPAA HITRUST Monitoring Risk assessment Risk management Vulnerabilities
Perks/benefits: Career development Fitness / gym Health care Insurance Medical leave Wellness
Region:
South America
Country:
Brazil
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Cybersecurity Engineer jobsInformation System Security Officer jobsIT Security Analyst jobsSenior Security Analyst jobsSenior Information Security Analyst jobsSecurity Operations Engineer jobsSenior Cloud Security Engineer jobsCyber Security Specialist jobsInformation Security Manager jobsSenior Product Security Engineer jobsSenior Network Security Engineer jobsInformation System Security Officer (ISSO) jobsSenior Information Security Engineer jobsSenior Cyber Security Engineer jobsSecurity Consultant jobsChief Information Security Officer jobsInformation Systems Security Engineer jobsSecurity Specialist jobsNetwork Engineer jobsCyber Threat Intelligence Analyst jobsSenior Software Engineer jobsIT Security Engineer jobsSecurity Operations Analyst jobsCybersecurity Specialist jobsSenior IT Auditor jobs
GDPR jobsSecurity assessment jobsEDR jobsTS/SCI jobsEncryption jobsSDLC jobsThreat detection jobsRMF jobsMalware jobsTerraform jobsSplunk jobsSQL jobsIDS jobsITIL jobsFinance jobsCompTIA jobsOWASP jobsTop Secret jobsIPS jobsForensics jobsSOC 2 jobsActive Directory jobsDocker jobsGIAC jobsClearance Required jobs
TCP/IP jobsOSCP jobsCRISC jobsHIPAA jobsMITRE ATT&CK jobsDoDD 8570 jobsIntrusion detection jobsAnsible jobsVPN jobsCCSP jobsZero Trust jobsJavaScript jobsSOAR jobsJira jobsDNS jobsUNIX jobsIT infrastructure jobsData Analytics jobsIndustrial jobsSOX jobsBanking jobsNIST 800-53 jobsKPIs jobsGCIH jobsSANS jobs