Information Security Risk Assessor

hace 6 días

Monterrey, México Nearshore Cyber A tiempo completo

**Location: Monterrey or Matamoros, Mexico**:
**Applications from persons not living in Mexico will NOT be accepted.**

Information Security Risk Assessors report continuously on the state of risk, providing visibility and helping business leaders and risk managers understand where risk resides and where improvements must be made to protect the business. Such reporting includes adherence to regulations and industry guidelines, as well as corporate risk acceptance. The cybersecurity risk assessor focuses on third-party risk, as well as risks within internal and business-controlled areas of security, technology, and business processes. Information Security Risk Assessors partner with audit, compliance, and legal as needed.

**Essential Job Duties**
- Serve on a distributed risk team responsible for reviewing and documenting where security and technology controls are adequate, as well as areas requiring improvement and where risk is to high.
- Recommend risk reduction steps to be implemented and maintained through policies, procedures, frameworks, and technical controls.
- Work closely with risk management and security leadership, teammates, and stakeholders to evaluate and recommend models aligning with organizational risk posture.
- Identify strengths and weaknesses in the program as they relate to privacy, security, business resiliency, and compliance frameworks.
- Document, formulate and enforce security improvements that balance risk with business operations, and do not diminish efficiencies or innovation.
- Attend change and project management meetings to understand and proactively strengthen controls to avoid unnecessary risk across lines of business.
- Support company risk posture through development of controls and processes used in test, quality assurance and production environments from conception to completion.
- Analyze workflows, design documents and procedures to identify gaps in risk posture and risk acceptability based on controls.
- Create and present risk posture discovery and recommendation reports to leadership.
- Review technical reports from vulnerability and penetration testing assessments, and results from tabletop exercises.
- Monitor plans of action and milestones for risk remediation requirements from internal and external security assessments, vulnerability reports, audit findings and security gaps.
- Remain educated on regulatory requirements, internal policies, and industry best practices.
- Liaise with technical and business teams on business continuity and disaster recovery requirements.
- Provide strong oversight of third parties, vendors, and business partners to safeguard against undue risk presented by external entities.
- Frequently interact with business units to understand their plans, risk posture and tolerance, and how to support their vision and business obligations with security and risk in mind.
- Openly support the organization, the management team, and executive leadership team, even during times of adversity.
- Perform other duties as assigned.

**Skills and Experience**
- Preferably 3-5+ years experience in security systems administration, with 2+ years risk management experience.
- Ideally familiar with one or more regulatory requirements and laws such as, but not limited to, SOX, HIPAA, GDPR, and GLBA. Additionally, experience in one or more: ISO 17799, ITIL and NIST.
- General understanding of the Factor Analysis of Information Risk (FAIR) methodology.
- Track record of taking pride in work, seeking to excel, and being curious and flexible. Strong written and oral communication skills across varying levels of the organization.
- Understanding of service design, delivery concepts and control frameworks.
- Organized, with the ability to prioritize and complete tasks within defined SLAs.
- Excellent judgment and ability to make quick decisions when working with complex situations.
- High degree of integrity, trustworthiness, and confidence; represents the company and its management team with the highest level of professionalism.
- Education Requirements
- Bachelors degree or equivalent industry experience in information assurance, computer science, engineering, or related field.

**Certification Requirements**
- CRISC, CISSP, CISA, CGEIT, GCCC, GSEC, GISP, or other relevant certifications preferable but not required.

  • Global Information Security Risk and Compliance

    hace 3 semanas

    Monterrey, México Nemak A tiempo completo

    Objective As part of the Information Security organization, develop a strategic program to ensure compliance of regulatory requirements to support the organization's resilience. Through a process of Risk Management and the systematic evaluation of potential threats, the organization will be able to meet the law, regulations and contractual requirements and...

  • Sr Information Security Analyst

    hace 4 semanas

    Monterrey, México iKraft Solutions A tiempo completo

    The **Sr Information Security Analyst **will be a key member Information Security team. This person will work closely with cross functional teams to ensure appropriate physical, administrative and technical controls are operating effectively to ensure the confidentiality, integrity and available information resources. Strategize on the development and...

  • Information Security Consultant

    hace 1 mes

    Monterrey, Nuevo León, México Danfoss A tiempo completo

    Job DescriptionAre you looking to join a company that is passionate about the environment and is actively contributing to the green movement? Do you want to be a part of safeguarding the future of this remarkable organization? Are you someone who thrives in a progressive and dynamic work environment that prioritizes Information Security? Do you aspire to...

  • Information Security Consultant

    hace 4 semanas

    Monterrey, Nuevo León, México Danfoss A tiempo completo

    Job DescriptionAre you looking to join a company that is passionate about the environment and is actively contributing to the green movement? Do you want to be a part of safeguarding the future of this remarkable organization? Are you someone who thrives in a progressive and dynamic work environment that prioritizes Information Security? Do you aspire to...

  • Information Security Engineer

    hace 6 días

    Monterrey, México Nearshore Cyber A tiempo completo

    **Location: Monterrey or Matamoros, Mexico**:** Applications from persons not living in Mexico will NOT be accepted.** The role also requires an understanding of business goals/strategy and operational requirements in a fast-paced environment. Throughout the roles key responsibilities, the Information Security Engineer must always consider opportunities to...

  • Information Security Consultant

    hace 2 meses

    Monterrey, México Danfoss A tiempo completo

    Job Description Do you want to work in an exciting company that cares about the climate and that contributes to the green transition? Do you want to help protect this great company? Do you thrive in a developing and dynamic company that invests in Information Security? Do you want to play a key part in the management of information security risks? If you can...

  • Information Security Consultant

    hace 4 semanas

    Monterrey, México Danfoss A tiempo completo

    Job Description Do you want to work in an exciting company that cares about the climate and that contributes to the green transition? Do you want to help protect this great company? Do you thrive in a developing and dynamic company that invests in Information Security? Do you want to play a key part in the management of information security risks? If you can...

  • IT Security Risk

    hace 2 semanas

    Monterrey, Nuevo León, México Neoris A tiempo completo

    IT Security Risk & Compliance Analyst:Date:Mar 6, 2023Location: MONTERREY, MXCompany:NEORISEn NEORIS, acelerador digital que ayuda a las compañías a entrar en el futuro, estamos en búsqueda de IT Security Risk & Compliance Analyst ,Principales Responsabilidades: Definición de planes de trabajo Diseño de soluciones de seguridad. Diseño e implementación...

  • Information Security Engineer

    hace 2 semanas

    Monterrey, Nuevo León, México Nearshore Cyber A tiempo completo

    Location: Monterrey or Matamoros, Mexico: Applications from persons not living in Mexico will NOT be accepted.The role also requires an understanding of business goals/strategy and operational requirements in a fast-paced environment.Throughout the roles key responsibilities, the Information Security Engineer must always consider opportunities to integrate...

  • Information Security Analyst

    hace 6 días

    Monterrey, México Nearshore Cyber A tiempo completo

    **Location: Monterrey or Matamoros, Mexico**:** Applications from persons not living in Mexico will NOT be accepted.** The Information Security Analyst is responsible for activities relating to monitoring and responding to security events. The analyst receives, researches, triages, and documents all security events and alerts as they are received,...

  • Information Security Intern

    hace 3 semanas

    Monterrey, México Chubb INA Holdings Inc. A tiempo completo

    Job Requirements **Role Purpose**: The Information Security Intern (ISI) assists in the development, implementation, and maintenance of the global information security program, focusing on regional vulnerability management. As a member of the regional information security team, the ISI position is tasked with providing support and follow up for regional...

  • Information Security Analyst

    hace 2 semanas

    Monterrey, Nuevo León, México Nearshore Cyber A tiempo completo

    Location: Monterrey or Matamoros, Mexico: Applications from persons not living in Mexico will NOT be accepted.The Information Security Analyst is responsible for activities relating to monitoring and responding to security events. The analyst receives, researches, triages, and documents all security events and alerts as they are received, supporting multiple...

  • Information Security Consultant

    hace 2 semanas

    Monterrey, N.L., México Danfoss GmbH A tiempo completo

    Press Tab to Move to Skip to Content Link Select how often (in days) to receive an alert: Create Alert Select how often (in days) to receive an alert: Do you want to work in an exciting company that cares about the climate and that contributes to the green transition? Do you want to help protect this great company? Do you thrive in a developing and...

  • Information Security Analyst

    hace 1 semana

    Monterrey, México Envia.com A tiempo completo

    **What do we expect from you in the area?** As an **Information Security Analyst**, you will be responsible for protecting the company's systems, networks, and data against cyber threats. You will detect and respond to security incidents, mitigate vulnerabilities, educate staff on security, ensure compliance with applicable security regulations and...

  • Ot Risk

    hace 2 semanas

    Monterrey, Nuevo León, México Axen A tiempo completo

    At AXEN IT Consulting we are growing exponentially with clients with great growth projections, We have more than 25 years of experience in the information technology services market, Focused on our growth and at the same time offering improvement plans to our talent, We are currently looking for " OT Risk & Compliance " with the profile: Resource...

  • OT Risk

    hace 2 semanas

    Monterrey, Nuevo León, México DEINTEC A tiempo completo

    ¿Buscas ser parte de una empresa innovadora, inclusiva y colaborativa, que valora tanto tu desarrollo profesional como el equilibrio entre tu vida personal y laboral, y que cuenta con diversidad de clientes líderes en varios sectores? Si es así, descubre la vacante que Deintec tiene para ti e impulsa tu carrera en ITPosición: OT Risk & Compliance...

  • Ot Risk

    hace 1 semana

    Monterrey, México Axen A tiempo completo

    Description At AXEN IT Consulting we are growing exponentially with clients with great growth projections, We have more than 25 years of experience in the information technology services market, Focused on our growth and at the same time offering improvement plans to our talent, We are currently looking for " OT Risk & Compliance " with the profile: ...

  • Third Party Risk Advisor

    hace 6 días

    Monterrey, México Nearshore Cyber A tiempo completo

    **Location: Monterrey or Matamoros, Mexico**:** Applications from persons not living in Mexico will NOT be accepted.** The Third Party Risk Advisor is responsible for third-party information risk management related to suppliers and other third parties. The individual creates and leads an effective program to improve suppliers' information security maturity...

  • Ot Risk

    hace 2 semanas

    Monterrey, Nuevo León, México DEINTEC A tiempo completo

    ¿Buscas ser parte de una empresa innovadora, inclusiva y colaborativa, que valora tanto tu desarrollo profesional como el equilibrio entre tu vida personal y laboral, y que cuenta con diversidad de clientes líderes en varios sectores? Si es así, descubre la vacante que Deintec tiene para ti e impulsa tu carrera en ITPosición:OT Risk & Compliance...

  • Specialist, Information Security

    hace 3 semanas

    Monterrey, México Celestica A tiempo completo

    Performs tasks such as, but not limited to, the following: - Be able to administratively configure and manage key security solutions - Manage an enterprise-sized solution base of more than 15,000 endpoints - Provide 3rd level security solution support ensuring specified service levels are met - Able to provide input to and work with the larger security team...