Vaga de Senior Analyst, IT Risk Assessment
1 vaga: | Publicada em 15/04
- A Combinar
Sobre a vaga
KEY RESPONSABILITIES Design and Implement the risk management and internal control
framework defined by the Group within the organization including identifying,
analyzing, evaluating, mitigating and monitoring of risks. Develop and implement
internal controls together with the appointed stakeholders in accordance with
global policies and guidelines. Assist and Implement the Guidelines and Policies
endorsed by Group to embed into the organization. Manage, coach, support control,
risk and process owners. Promote integrity and strong risk culture and awareness
within the organization. Identify potential areas of risk, compliance and control
weaknesses; develop/ implement corrective action plans to resolve problematic
issues, and provide general guidance on how to avoid or deal with similar
situations in the future; Assist and monitor the development and implementation of
internal control improvements; Monitor changes in business processes, information
systems, management and operations, and coordinate with operations to ensure
mitigation of control risks; Initiate and coordinate with internal and external
assurance providers for evaluating the effectiveness of controls and ensure
remediation of identified weaknesses Engage with stakeholders, including
management and internal stakeholders, to facilitate appropriate initiatives to
coordinate compliance approaches Assist with any other requirements determined by
management to support the business Provide risk advisory services to
business/functions. Participate in the risk assessment of technology focus areas
where effectiveness of controls requires improvements develop report to address
risk observed and present to stakeholders Participate in the review of technology,
information, cyber risk related regulatory and legal guidelines. Keep abreast of
new technologies and related risks, regulatory requirements for technology and
information security and industry trends. JOB REQUIREMENTS Bachelors degree in
Networking, Engineering (Computer/Telecommunication), Computer Science,
Information Technology or a related field. Minimum 3 years relevant experiences in
Information Security and IT Security. English - Intermediate level (Written &
Spoken) Experience in implementation and management of Information Security risk.
Knowledge in organization risk, network / application / database / hardware
security background in multiple server OS environments and proficiencies. Basic
knowledge in system and network such as routers, routings, firewall, proxies,
servers, etc. Infrastructure knowledge covering server and network. Conceptual
skills including qualitative and quantitative methods for risk management and
experience with risk management and internal control frameworks (e.g. COSO, ISO,
COBIT) Process-oriented and problem-solving attitude as well as strong
organizational skills and hands-on mentality. Strong and effective communication,
presentation, project management and social skills Ability to function effectively
in a dynamic, fast paced environment. Ability to work independently and take
initiative. While cooperatively work with other internal departments, external
service providers and a global team. Good written and communication skills with
ability to interact and engage with stakeholders Attention to detail is important.
Self-starter and able to work independently in a structured manner. Willing to
work on-site on a daily basis in Campinas. Flexible and willing to travel.