Noorden Group

Information Security Analyst – Senior

Noorden Group

full-time

Posted on:

Location Type: Hybrid

Location: São PauloBrazil

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

About the role

  • Information Security Risk Management: Lead processes to identify, analyze, assess, and treat security risks.
  • Perform periodic risk assessments on systems, projects, vendors, and internal processes.
  • Monitor action plans and ensure risks are mapped and tracked.
  • Support impact analyses and the prioritization of security initiatives.
  • Policies, Standards and Procedures Management: Develop, review, and maintain the information security policy set aligned with global frameworks.
  • Ensure version control, communication, and organizational adherence to policies.
  • Support internal teams in creating operational procedures and best-practice guides.
  • Conduct annual review cycles of corporate policies.
  • Cybersecurity Governance: Monitor and track security indicators, metrics, and KPIs.
  • Prepare executive reports and dashboards for the board and risk committees.
  • Support internal and external audits, assisting with gap remediation.
  • Contribute to maturity assessments (e.g., NIST, ISO, CIS).
  • Support the development and maintenance of the Information Security Master Plan (PDSI).
  • Security Awareness Program: Plan and execute internal security awareness campaigns.
  • Develop educational content (videos, emails, presentations, and e‑learning tracks).
  • Conduct phishing simulations and report engagement and progress metrics.
  • Collaborate with internal communications to strengthen the organization's security culture.

Requirements

  • Knowledge of frameworks: ISO/IEC 27001/27002, NIST CSF, CIS Controls, COBIT.
  • Understanding of risk principles (ISO 31000, qualitative and quantitative methodologies).
  • Experience creating and reviewing policies, standards, and guidelines.
  • Familiarity with LGPD, privacy, and compliance.
  • Familiarity with risk management tools, GRC platforms, or corporate workflow systems.
  • Strong written and verbal communication skills.
  • Organized and able to prioritize work effectively.
  • Analytical and process-oriented.
  • Proactive with a strong sense of ownership.
  • Ability to engage with technical teams and business units.
  • Bachelor's degree in Information Technology, Information Security, Engineering, Business Administration, or related fields.
Benefits
  • Health insurance
  • Flexible work hours
  • Professional development opportunities
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Information Security Risk ManagementRisk AssessmentsCybersecurity GovernancePolicies and Standards ManagementSecurity Awareness ProgramNISTISO/IEC 27001ISO/IEC 27002CIS ControlsCOBIT
Soft Skills
Strong written communicationStrong verbal communicationOrganizational skillsPrioritizationAnalytical skillsProcess-orientedProactiveOwnershipEngagement with technical teamsCollaboration