Information Security - Guadalajara, México - HireRight
Descripción
About HireRight:
Overview:
This role is based in Mexico as an Information Security
- Third Party Risk Management Analyst (SECGRC), reporting to the InfoSec TPRM Lead Analyst on the Governance Risk & Compliance (GRC) Team. This person will assist in the management and reporting of all aspects of vendor/ Third Party Risk Management (TPRM) operational monitoring to ensure that the organization's Information Security standards are identified, well documented, and remediation plans formalized in a timely fashion.
Responsibilities:
- Ability to conduct comprehensive risk assessments of external vendors
- Distribute and assess vendor security audits and questionnaires regularly
- Monitor the ongoing activities and performance of third parties to identify emerging risks or changes to risk profiles
- Build on the automation process for thirdparty risk
- Responsible for security research and to determine areas of vendor risk
- Partner with internal stakeholders across all business groups to support GRCrelated initiatives and communicate back to stakeholders about vendor management.
- Work closely with the security team and partners to ensure that the information security program adheres to industry, government, and organizational standards.
- Schedule and perform risk assessments using a defined methodology to identify, document, and communicate control deficiencies in business processes and technology systems or offices.
Qualifications:
Education:
- High School diploma or GED required;
- Bachelor's degree in applicable field preferred but not required; Combination of adequate education and work experience considered as an alternate.
Experience:
- Prior experience conducting internal and external risk assessments and providing guidance to functional teams with the implementation, monitoring, and reporting of control processes, documentation, and compliance measures and / or remediation items
- Experience with managing TPRM issue remediations in a confidential and sensitive manner
- High degree of independence and exceptional work ethic within a small team with a solutionoriented mindset
- Familiarity with IT and Information Security best practices
- 13 years of relevant experience is required.
Knowledge & Skills:
- Frameworks, Regulations, and Security Control sets: NIST Cybersecurity Framework (CSF), ISO27001, NIST 80053, GDPR)
- Knowledge of Enterprise Risk Management software (i.e., AuditBoard, ServiceNow, Archer, etc.)
- Security and Privacy controls validation experience preferred
- General IT knowledge (architecture, networking, operations)
- Ability to synthesize complex data, produce appropriate outcomes, and convey information designed for relevant audiences
- Stakeholder and executive audience engagement and communication
- Worked with common business processes and crossdepartmental projects
- Working familiarity with BCP/DR programs, Privacy, and Physical Security evidence
- Exceptional interpersonal, written, and oral communication skills
- Certifications or other specialized training such as, Security+, CCSK, GSEC, CIPP/X.
Preferred: ISO27001/LI and/or ISO27001/LA and ISO27701
What do we offer:
Work wherever The location of this role is flexible, of course you will get a fair financial compensation and from day one you will receive a training plan to get you on board quickly.
In addition, you will have the opportunity to join our team of 3,000+ Team Members that work in 15 countries, serving clients in 200+ countries and territories.
Many of our Team Members have been with HireRight for a long time.But that's not all, you will get additional benefits like:
- Christmas Bonus
- Additional Holidays: Holy Thursday & Friday, Mother's Day, Day of the Dead and Virgin of Guadalupe.
- Food Voucher + Meal Bonus
- Generous Vacation Program
- Monthly Transportation Allowance / Payment of Teleworking Expenses
- Insurance for major medical expenses
- Business Casual Attire
- Generous Referral Program
- Professional Growth
HireRight, LLC is an Equal Opportunity Employer
Minorities / Females / Veterans / Disabilities
LI-REMOTE
Más ofertas de trabajo de HireRight
-
Supervisor, Cash Allocation
Guadalajara, México - hace 3 semanas
-
React Software Developer
Guadalajara, México - hace 3 horas
-
Contracts Counsel
Guadalajara, México - hace 3 semanas
-
D365 Functional Specialist
Tlahuac, México - hace 2 semanas
-
D365 Finance and Operations Lead
Guadalajara, México - hace 4 semanas
-
Sr. Database Administrator
Guadalajara, México - hace 4 semanas