Plus
Включить Plus
Назад
Company hidden
18 часов назад

Senior GRC Security Specialist (Cybersecurity)

Формат работы
remote (только Colombia/Brazil)
Тип работы
fulltime
Грейд
senior
Английский
c1
Страна
Colombia/Brazil
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Senior GRC Security Specialist (Cybersecurity): Maintaining and enhancing cybersecurity risk management processes for the medical device sector with an accent on control nonconformities, vulnerabilities, and regulatory compliance. Focus on conducting third-party risk assessments, managing cybersecurity controls framework, and developing policies aligned with HITRUST, HIPAA, and other standards.

Must be located in Colombia, Homeoffice/Remote

Company

Tech transformation specialists uniting human expertise with AI to create scalable tech solutions for over 1,000 clients worldwide.

What you will do

  • Identify, log, and analyze cybersecurity control nonconformities and high-risk vulnerabilities, maintaining the Risk Registry and delivering reports to stakeholders.
  • Conduct annual third-party cybersecurity risk assessments aligned with internal and external standards.
  • Maintain and enhance the cybersecurity control framework, mapping controls, collecting evidence, and identifying gaps.
  • Develop and maintain cybersecurity policies and procedures compliant with regulatory and contractual standards.
  • Collaborate with cross-functional teams to implement GRC policies and support internal/external audits.

Requirements

  • Advanced English for communication with international clients
  • 5+ years in GRC, Cyber Risk Management, or related roles
  • Strong understanding of GRC frameworks, industry standards (HITRUST, HIPAA, Spain ENS), and regulatory requirements
  • Excellent analytical, problem-solving, and communication skills for technical/non-technical stakeholders
  • Experience conducting risk assessments, identifying vulnerabilities, and recommending mitigation strategies

Nice to have

  • Threat intelligence experience
  • Track record working for US-based companies
  • Bachelor’s degree in Computer Science, Information Security, or related
  • Medical device industry experience
  • Familiarity with FDA, ISO, NIST; certifications like CISSP, CISA, CRISC

Culture & Benefits

  • Premium healthcare, meal vouchers, maternity/parental leaves
  • Mobile services subsidy, sick pay, life insurance
  • hirify.global University for learning, Colombian holidays, paid vacations
  • Diverse, inclusive work environment valuing collaboration and excellence

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →