01 mar
Hire Horatio CX
Bogotá
Position Summary:
The Information Security and Compliance Lead is responsible for ensuring that Hire Horatio’s information technology (IT) systems and processes comply with relevant laws, regulations, and standards.
Responsibilities:
- Monitor and interpret regulatory requirements, industry standards, and best practices related to information security, privacy, and compliance.
- Developing and implementing policies and procedures for IT governance and risk management, including identifying, assessing, and mitigating risks.
- Develop, implement, and maintain compliance frameworks, policies, and procedures to align with applicable laws (e.g., GDPR, HIPAA, PCI DSS) and industry standards (e.g., ISO 27001, NIST).
- Conducting regular audits and assessments to ensure compliance with applicable laws, regulations, and standards, such as SOC 2 Type 2, HIPPA, the Payment Card Industry Data Security Standard (PCI DSS), the General Data Protection Regulation (GDPR), and the Sarbanes-Oxley Act (SOX), etc.
- Ensure clear documentation and communication of IT policies and procedures to relevant stakeholders.
- Working closely with other IT and business teams to integrate risk management and compliance considerations into the organization's operations and processes.
- Providing guidance, training, and support to other members of the organization on IT governance and risk compliance best practices and protocols.
- Keeping up to date with the latest developments in IT governance and risk compliance, and evaluating and recommending solutions and tools to enhance the organization's compliance posture.
- Reporting on the organization's compliance status and risk profile to relevant stakeholders, such as the Head of IT, regulatory bodies, and external auditors.
- Keeping up to date with the latest developments in IT governance and risk compliance, and evaluating and recommending solutions and tools to enhance the organization's compliance posture.
Required Skills/Abilities:
- Advanced English proficiency.
- Excellent leadership, communication, and cross-functional collaboration skills.
- Proven expertise in cloud security, particularly within AWS environments.
- Strong hands-on experience with Zscaler, CrowdStrike, and OneTrust.
- Demonstrated ability to develop and implement security policies, procedures, and frameworks.
- Experience in conducting security assessments, vulnerability management, and incident response.
- In-depth knowledge of regulatory frameworks such as SOC2, HIPAA, GDPR, and PCI DSS.
- Ability to stay current with emerging cybersecurity trends and threats.
- Strong analytical skills with the ability to assess risks,
analyze complex problems, and develop practical solutions.
- Excellent communication skills with the ability to articulate technical concepts to non-technical stakeholders and influence decision-making at all levels of the organization.
- Strong project management skills with the ability to prioritize tasks, manage multiple projects simultaneously, and meet deadlines in a fast-paced environment.
- Understanding of risk management principles and techniques, including risk assessment, risk analysis, and risk mitigation.
- Familiarity with cybersecurity and network security concepts, including threat intelligence, incident response, and vulnerability management.
- Ability to develop and implement policies and procedures related to IT governance and risk management.
- Ability to analyze and interpret data and use it to inform decision-making.
Education and Experience:
- Bachelor's degree in Information Technology, Computer Science, or a related field.
- Advanced degree or professional certifications (e.g., CISA, CISSP, CRISC, CGEIT) preferred.
- Proven experience (typically 3+ years) in IT governance, risk management, and compliance roles, preferably within regulated industries such as finance, healthcare, or technology.
- In-depth knowledge of IT governance frameworks, standards, and regulatory requirements (e.g. GDPR, HIPAA, SOX).
On-site position in Bogota.
Powered by JazzHR
Muestra tus habilidades a la empresa, rellenar el formulario y deja un toque personal en la carta, ayudará el reclutador en la elección del candidato.