10 mar
Horatio
Bogotá
Information Security and Compliance Lead (BOG) Horatio Bogota, D.C., Capital District, Colombia Position Summary: The Information Security and Compliance Lead is responsible for ensuring that Hire Horatio’s information technology (IT) systems and processes comply with relevant laws, regulations, and standards. Responsibilities:
- Monitor and interpret regulatory requirements, industry standards, and best practices related to information security, privacy, and compliance.
- Develop and implement policies and procedures for IT governance and risk management, including identifying, assessing, and mitigating risks.
- Develop, implement, and maintain compliance frameworks, policies, and procedures to align with applicable laws (e.g., GDPR,
HIPAA, PCI DSS) and industry standards (e.g., ISO 27001, NIST).
- Conduct regular audits and assessments to ensure compliance with applicable laws, regulations, and standards, such as SOC 2 Type 2, HIPAA, PCI DSS, GDPR, and SOX.
- Ensure clear documentation and communication of IT policies and procedures to relevant stakeholders.
- Work closely with other IT and business teams to integrate risk management and compliance considerations into the organization's operations and processes.
- Provide guidance, training, and support to other members of the organization on IT governance and risk compliance best practices and protocols.
- Keep up to date with the latest developments in IT governance and risk compliance, and evaluate and recommend solutions and tools to enhance the organization's compliance posture.
- Report on the organization's compliance status and risk profile to relevant stakeholders, such as the Head of IT, regulatory bodies, and external auditors.
Required Skills/Abilities:
- Advanced English proficiency.
- Excellent leadership, communication,
and cross-functional collaboration skills.
- Proven expertise in cloud security, particularly within AWS environments.
- Strong hands-on experience with Zscaler, CrowdStrike, and OneTrust.
- Demonstrated ability to develop and implement security policies, procedures, and frameworks.
- Experience in conducting security assessments, vulnerability management, and incident response.
- In-depth knowledge of regulatory frameworks such as SOC2, HIPAA, GDPR, and PCI DSS.
- Ability to stay current with emerging cybersecurity trends and threats.
- Strong analytical skills with the ability to assess risks, analyze complex problems, and develop practical solutions.
- Excellent communication skills with the ability to articulate technical concepts to non-technical stakeholders and influence decision-making at all levels of the organization.
- Strong project management skills with the ability to prioritize tasks, manage multiple projects simultaneously, and meet deadlines in a fast-paced environment.
- Understanding of risk management principles and techniques, including risk assessment, risk analysis, and risk mitigation.
- Familiarity with cybersecurity and network security concepts, including threat intelligence, incident response, and vulnerability management.
- Ability to analyze and interpret data and use it to inform decision-making.
Education and Experience:
- Bachelor's degree in Information Technology, Computer Science, or a related field.
- Advanced degree or professional certifications (e.g., CISA, CISSP, CRISC, CGEIT) preferred.
- Proven experience (typically 3+ years) in IT governance, risk management, and compliance roles,
preferably within regulated industries such as finance, healthcare, or technology.
- In-depth knowledge of IT governance frameworks, standards, and regulatory requirements (e.g., GDPR, HIPAA, SOX).
On-site position in Bogota. #J-18808-Ljbffr
IT
Muestra tus habilidades a la empresa, rellenar el formulario y deja un toque personal en la carta, ayudará el reclutador en la elección del candidato.