Vaga de Senior Analyst, IT Risk Assessment
1 vaga: | Publicada em 15/04
- A Combinar
Sobre a vaga
KEY RESPONSABILITIES
Design and Implement the risk management and internal control framework defined by
the Group within the organization including identifying, analyzing, evaluating,
mitigating and monitoring of risks.
Develop and implement internal controls together with the appointed stakeholders
in accordance with global policies and guidelines.
Assist and Implement the Guidelines and Policies endorsed by Group to embed into
the organization.
Manage, coach, support control, risk and process owners. Promote integrity and
strong risk culture and awareness within the organization.
Identify potential areas of risk, compliance and control weaknesses; develop/
implement corrective action plans to resolve problematic issues, and provide
general guidance on how to avoid or deal with similar situations in the future;
Assist and monitor the development and implementation of internal control
improvements; Monitor changes in business processes, information systems,
management and operations, and coordinate with operations to ensure mitigation of
control risks;
Initiate and coordinate with internal and external assurance providers for
evaluating the effectiveness of controls and ensure remediation of identified
weaknesses
Engage with stakeholders, including management and internal stakeholders, to
facilitate appropriate initiatives to coordinate compliance approaches
Assist with any other requirements determined by management to support the
business
Provide risk advisory services to business/functions.
Participate in the risk assessment of technology focus areas where effectiveness
of controls requires improvements develop report to address risk observed and
present to stakeholders
Participate in the review of technology, information, cyber risk related
regulatory and legal guidelines.
Keep abreast of new technologies and related risks, regulatory requirements for
technology and information security and industry trends.
JOB REQUIREMENTS
Bachelors degree in Networking, Engineering (Computer/Telecommunication),
Computer Science, Information Technology or a related field.
Minimum 3 years relevant experiences in Information Security and IT Security.
English - Intermediate level (Written & Spoken)
Experience in implementation and management of Information Security risk.
Knowledge in organization risk, network / application / database / hardware
security background in multiple server OS environments and proficiencies.
Basic knowledge in system and network such as routers, routings, firewall,
proxies, servers, etc.
Infrastructure knowledge covering server and network.
Conceptual skills including qualitative and quantitative methods for risk
management and experience with risk management and internal control frameworks
(e.g. COSO, ISO, COBIT)
Process-oriented and problem-solving attitude as well as strong organizational
skills and hands-on mentality.
Strong and effective communication, presentation, project management and social
skills
Ability to function effectively in a dynamic, fast paced environment.
Ability to work independently and take initiative. While cooperatively work with
other internal departments, external service providers and a global team.
Good written and communication skills with ability to interact and engage with
stakeholders
Attention to detail is important.
Self-starter and able to work independently in a structured manner.
Willing to work on-site on a daily basis in Campinas.
Flexible and willing to travel.