
Governance, Cybersecurity Specialist
Sinqia
full-time
Posted on:
Location Type: Hybrid
Location: São Paulo • 🇧🇷 Brazil
Job Level
Mid-Level, Senior
About the role
- Governance Development and Oversight: Design and maintain governance frameworks aligned with NIST CSF and ISO 27001 standards.
- Develop and implement security policies, standards, and procedures across the organization.
- Risk Management: Conduct regular risk assessments to identify and mitigate security vulnerabilities.
- Oversee third-party risk management programs and ensure vendor compliance with security policies.
- Compliance and Audit: Ensure compliance with regulatory requirements and industry standards.
- Lead internal and external audits, including gap analyses, remediation plans, and reporting.
- Incident Response and Threat Management: Develop and implement incident response plans, including playbooks and escalation protocols.
- Oversee monitoring and analysis of security events using SIEM tools and other technologies.
- Stakeholder Engagement: Act as a bridge between cybersecurity, IT teams, and business leadership to align security objectives with business goals.
- Provide regular updates and reports to senior management on security posture and risk management progress.
- Continuous Improvement: Drive continuous improvements in cybersecurity governance by leveraging industry best practices and lessons learned.
- Stay up to date on emerging threats, vulnerabilities, and regulatory changes to ensure proactive responses.
Benefits
- Partnership club
- Health insurance
- Meal allowance
- Childcare assistance
- Life insurance
- Transportation voucher
- Flexible Benefits (choose the benefits according to your needs).
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
governance frameworks, NIST CSF, ISO 27001, security policies, risk assessments, third-party risk management, compliance audits, incident response plans, SIEM tools, cybersecurity governance
Soft skills
stakeholder engagement, communication, leadership, organizational skills, problem-solving, analytical skills, collaboration, reporting, continuous improvement, adaptability