Sr Information Security Analyst - Monterrey, México - iKraft Solutions

iKraft Solutions

Empresa verificada

Monterrey, México

hace 2 semanas

Publicado por:

Rodrigo Fernández

Reclutador de talento para beBee

Descripción

The
Sr Information Security Analyst will be a key member Information Security team.

This person will work closely with cross functional teams to ensure appropriate physical, administrative and technical controls are operating effectively to ensure the confidentiality, integrity and available information resources.

Strategize on the development and execution of the Information Security and GRC program and roadmap.

Develop, maintain, and enforce Information Security Policies, Standards, Guidelines, and other Information Security related documents.
Conduct regular risk and vulnerability assessments to identify areas of concern.
Assess and monitor security processes and controls to assure compliance with applicable security frameworks, regulatory, and client requirements.
Perform and manage thirdparty security risk assessments.
Collaborate with cross functional teams to collect evidence for customer audits and policy frameworks such as ISO27001, CMMC, GDPR, CPRA
Maintain the security risk register and track the progress of remediation efforts.
Manage the information security awareness programs which include security awareness training, phishing campaigns, security newsletters and publications
Monitor changes to security best practices, using industry frameworks, and regulations to determine how these changes may impact security posture.
Develop metrics and dashboards to measure and showcase the maturity progression of Information Security program.
Implement, administer, and maintain Information Rights Management tool.
Develop and update data flow diagrams for critical systems. Help identify manual workarounds for system integrations and dependencies to help mature cyber resiliency program.
Create, update, and maintain the privacy data map that is required for different privacy regulations (GDPR, CPRA, PIPL, DPDP).
Perform privacy impact and/or security assessments as needed for different projects and systems.
Provide cybersecurity expertise/consulting to teams and management

Requirements:

Commute to work without problems or plan to move before starting work in
Mexicali B

Minimum Education Level: Bachelor's Degree, Information Systems Management, Computer Science, Cybersecurity, or related field.
5+ years of fulltime work experience in IT audit, security risk management, information security, security compliance, privacy, or other GRC areas.
Experience in leading security assessments, developing and implementing security controls, and driving security compliance programs.
Working knowledge of Privacy (GDPR, CCPA, PIPL), ISO27000 and NIST requirements.
Understanding of common Information Security frameworks such as COBIT, SANS Critical Controls, and NIST CSF
Good communication skills, strong work ethic, attention to detail, and ability to collaborate in a team setting.
Strong critical thinking, analytical, and problemsolving skills
Proficient with the Microsoft office suite.
CISSP, CISA, CISM, CRISC or a similar risk management, audit, or security certification(s) is preferred.