08 mar
Horatio
Bogotá
Information Security and Compliance Lead (BOG)
Horatio
Bogota, D.C., Capital District, Colombia
Position Summary: The Information Security and Compliance Lead is responsible for ensuring that Hire Horatio's information technology (IT) systems and processes comply with relevant laws, regulations, and standards.
Responsibilities: Monitor and interpret regulatory requirements, industry standards, and best practices related to information security, privacy, and compliance.
Develop and implement policies and procedures for IT governance and risk management, including identifying, assessing, and mitigating risks.
Develop, implement, and maintain compliance frameworks, policies, and procedures to align with applicable laws (e.g., GDPR, HIPAA, PCI DSS) and industry standards (e.g., ISO 27001, NIST).
Conduct regular audits and assessments to ensure compliance with applicable laws, regulations, and standards, such as SOC 2 Type 2, HIPAA, PCI DSS, GDPR, and SOX.
Ensure clear documentation and communication of IT policies and procedures to relevant stakeholders.
Work closely with other IT and business teams to integrate risk management and compliance considerations into the organization's operations and processes.
Provide guidance, training, and support to other members of the organization on IT governance and risk compliance best practices and protocols.
Keep up to date with the latest developments in IT governance and risk compliance, and evaluate and recommend solutions and tools to enhance the organization's compliance posture.
Report on the organization's compliance status and risk profile to relevant stakeholders, such as the Head of IT, regulatory bodies, and external auditors.
Required Skills/Abilities: Advanced English proficiency.
Excellent leadership, communication, and cross-functional collaboration skills.
Proven expertise in cloud security, particularly within AWS environments.
Strong hands-on experience with Zscaler, CrowdStrike, and OneTrust.
Demonstrated ability to develop and implement security policies, procedures, and frameworks.
Experience in conducting security assessments, vulnerability management, and incident response.
In-depth knowledge of regulatory frameworks such as SOC2, HIPAA, GDPR, and PCI DSS.
Ability to stay current with emerging cybersecurity trends and threats.
Strong analytical skills with the ability to assess risks, analyze complex problems, and develop practical solutions.
Excellent communication skills with the ability to articulate technical concepts to non-technical stakeholders and influence decision-making at all levels of the organization.
Strong project management skills with the ability to prioritize tasks, manage multiple projects simultaneously, and meet deadlines in a fast-paced environment.
Understanding of risk management principles and techniques, including risk assessment, risk analysis, and risk mitigation.
Familiarity with cybersecurity and network security concepts, including threat intelligence, incident response, and vulnerability management.
Ability to analyze and interpret data and use it to inform decision-making.
Education and Experience: Bachelor's degree in Information Technology, Computer Science, or a related field.
Advanced degree or professional certifications (e.g., CISA, CISSP, CRISC, CGEIT) preferred.
Proven experience (typically 3+ years) in IT governance, risk management, and compliance roles, preferably within regulated industries such as finance, healthcare, or technology.
In-depth knowledge of IT governance frameworks, standards, and regulatory requirements (e.g., GDPR, HIPAA, SOX).
On-site position in Bogota.