EdgeUno

Governance & Compliance Security Analyst

EdgeUno

full-time

Posted on:

Location Type: Hybrid

Location: BogotáColombia

Visit company website

Explore more

AI Apply
Apply

Tech Stack

Cloud

About the role

  • Maintain and update the Information Security Management System (ISMS) in line with ISO/IEC 27001
  • Coordinate periodic risk assessments, Statement of Applicability (SoA) updates, and treatment plans
  • Support internal and external audits (preparation, evidence collection, tracking of nonconformities and corrective actions)
  • Develop, review, and maintain information security policies, standards, and procedures
  • Monitor and support compliance with applicable laws, regulations, and contractual security requirements (telecom, data protection, client demands)
  • Support third party risk management process: security assessments of vendors, service providers, and partners
  • Keep ISMS and governance documentation well organized and current
  • Produce reports and dashboards on compliance status, audit results, and ISMS performance for management
  • Contribute to security awareness initiatives around policies, acceptable use, and data protection
  • Act as a point of contact for questions related to policies, compliance, and third party security requirements
  • Work closely with IT, Security Operations, Legal, HR, Procurement, and business units to ensure controls are understood and applied

Requirements

  • Bachelor’s degree in Information Security, Systems Engineering, Law, Business, or related field (or equivalent experience)
  • 2–5+ years of experience in information security, GRC (Governance, Risk & Compliance)
  • Good understanding of ISO/IEC 27001 and related standards
  • Experience with security policies, procedures, and audit processes
  • Familiarity with basic risk management concepts and methods
  • Ability to review and interpret contracts, SLAs, and security clauses (desirable)
  • Strong documentation, organization, and reporting skills
  • Ability to work collaboratively with technical and non-technical teams
  • Attention to detail, structured thinking, and a proactive mindset
  • Nice to Have: Experience in telecom, ISP, hosting, or cloud environments
  • Knowledge of data protection regulations (e.g., local privacy laws, GDPR exposure)
  • Certifications such as ISO 27001 Lead Implementer/Auditor, CISA, or similar.
Benefits
  • Competitive compensation aligned with senior technical roles in the region
  • Opportunity to influence software quality standards across the organization
  • Strong engineering culture focused on ownership, automation, and continuous improvement
  • Collaborative, multicultural, execution-driven environment
  • A critical role in a fast-growing digital infrastructure company operating across Latin America

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
ISO/IEC 27001risk assessmentsinformation security policiesaudit processesrisk managementcompliance monitoringsecurity assessmentsdocumentation managementreportingdata protection regulations
Soft skills
documentation skillsorganizational skillsreporting skillscollaborative workattention to detailstructured thinkingproactive mindset
Certifications
ISO 27001 Lead ImplementerISO 27001 AuditorCISA