Information Security Risk Management Specialist
Heredia, Heredia, Costa Rica
hace 6 días

Experian is seeking a Control Issue Specialist to join its Information Security Governance and Control Assurance team. The Information Security Governance and Control Assurance team is the principal advocate for information security across the Enterprise and is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the organization.

The Control Issue Specialist will contribute to the team’s goal of executing a risk-based approach to security assurance and program governance by ensuring identified deficiencies and potential risks to the organization are recorded appropriately.

Additional responsibilities include but are not limited to :

Document issues and deficiencies identified through the governance, risk and controls process i.e. control self-assessments and attestation, continuous control monitoring and control testing to ensure corrective actions agreed with control owners are documented and managed in the Archer GRC platform.

Review identified issues and assign appropriate risk categories as defined by the established risk management process

Leverage defined issue categories to determine; appropriate workflow, ownership and levels of approval

Engage relevant stakeholders to document approvals for exceptions if a corrective action / plan is not viable per issue owner

Follow the standardized issues management process and workflow to ensure documented issues and deficiencies are monitored, reported, escalated (as needed) and managed to closure

Create issues and risk reports across Business Units and functional groups as input for monthly Regional Risk Committee meetings

Qualified applicants must meet the minimum requirements below :

5+ years’ experience performing IT / Information Security control assessments.

Bachelor’s degree in management information systems or relevant field or equivalent demonstrable experience.

Strong knowledge of information security frameworks such as ISO 27001, NIST CSF, PCI, and HIPAA.

Experience with GRC tools, such as Archer is required.

CISA, CISM, ISO 27001 Lead Auditor or comparable certifications preferred.

Experience with security control design, implementation and evaluation

Strong verbal and written communication skills, process driven, detail oriented and ability to articulate risks and findings to senior management.

Good collaboration and interpersonal skills, self-motivated, willingness to take on challenges and adapt to change.

Experience with GRC tools, such as Archer is required.

Reportar esta oferta

Thank you for reporting this job!

Your feedback will help us improve the quality of our services.

Mi Correo Electrónico
Al hacer clic en la opción "Continuar", doy mi consentimiento para que neuvoo procese mis datos de conformidad con lo establecido en su Política de privacidad . Puedo darme de baja o retirar mi autorización en cualquier momento.
Formulario de postulación