Dasa

Mid-level Information Security Analyst – IAM, QA

Dasa

full-time

Posted on:

Location Type: Hybrid

Location: São PauloBrazil

Visit company website

Explore more

AI Apply
Apply

Tech Stack

Cloud

About the role

  • Primary focus on Governance, Risk, and Compliance (GRC) and direct maintenance of the Information Security Management System (ISMS);
  • Lead updates to policies, processes, and procedures based on the ISO/IEC 27000 family standards and NIST guidelines;
  • Proactively and dynamically support internal and external audits;
  • Participate in audit kick-off meetings, identify non-conformities, and provide consultative support for preventive and corrective action plans;
  • Support and conduct technical and operational audits in on-premises and cloud environments;
  • Assess the effectiveness of cybersecurity controls against internal information security policies and industry best-practice frameworks;
  • Ensure Dasa’s IT and information security governance meets regulatory requirements.

Requirements

  • Education: Bachelor's degree completed;
  • Logical reasoning and strong analytical skills;
  • Ability to ask probing questions, propose solutions, be proactive, and manage client relationships;
  • Ability to interact with diverse technology teams with varying technical backgrounds;
  • Knowledge of Power BI is a plus;
  • Access Management: responsible for leading the Access Management team in performing role-related activities, ensuring information security best practices;
  • Automation: responsible for performing role-related activities, analyzing risks and compliance related to access identities;
  • QA: responsible for performing role-related activities, analyzing risks and compliance related to access identities;
Benefits
  • We do not charge any fees during our recruitment processes

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
GovernanceRisk ManagementComplianceInformation Security Management SystemISO/IEC 27000NIST guidelinesCybersecurity controlsAccess ManagementAutomationQuality Assurance
Soft skills
Logical reasoningAnalytical skillsProactiveClient relationship managementCommunicationProblem-solvingTeam collaborationConsultative supportDiversity interactionPreventive action planning