Riachuelo

Senior Process Analyst – Information Security

Riachuelo

full-time

Posted on:

Location Type: Hybrid

Location: São PauloBrazil

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

About the role

  • Create, review, and maintain Information Security processes based on NIST (CSF and/or SP 800).
  • Design and lead the implementation of an Information Security Management System (ISMS) aimed at ISO/IEC 27001 certification.
  • Ensure all security processes include: process classification, criticality assessment, and performance indicators (KPIs and KRIs).
  • Define, document, and standardize workflows, roles, and responsibilities (RACI) for security processes.
  • Serve as the focal point for internal and external audits, including ISO audits and regulatory audits.
  • Support internal teams in complying with security processes and requirements.
  • Monitor process effectiveness and propose continuous improvements based on indicators and audit results.

Requirements

  • Proven experience in designing and managing Information Security processes.
  • Hands-on experience implementing or maintaining ISO/IEC 27001.
  • Experience with security audits, internal and/or external.
  • Experience working in corporate environments with multiple departments and stakeholders.
  • Knowledge of Information Security frameworks (NIST, ISO/IEC 27001/27002).
  • Process management and continuous improvement.
  • Defining and tracking security indicators.
  • Governance, risk and compliance (GRC) concepts.
  • Technical documentation and clear communication for technical and executive audiences.
  • Strong verbal and written communication skills, with the ability to translate technical topics for diverse audiences.
  • Negotiation and influencing skills to ensure smooth execution of activities and engagement of involved teams.
Benefits
  • Medical insurance;
  • Dental insurance;
  • Meal voucher;
  • Food allowance;
  • Gympass membership;
  • Childcare assistance;
  • Cultural allowance;
  • Work-from-home allowance;
  • Profit-sharing (PLR);
  • Private pension plan;
  • Group life insurance;
  • Educational partnerships;
  • Discounts at Riachuelo.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
Information Security processesISO/IEC 27001NISTsecurity auditsprocess managementcontinuous improvementsecurity indicatorstechnical documentationperformance indicatorsInformation Security Management System (ISMS)
Soft skills
communication skillsnegotiation skillsinfluencing skillscollaborationstakeholder engagementprocess classificationcriticality assessmentmonitoring effectivenessproposing improvementsdefining roles and responsibilities