IT Governance Specialist focusing on ITSM processes at Riachuelo. Leading process evolution and project implementation within Jira.
About the role
- Identify and manage technology risks related to Information Security and Data Protection for TIM. Collaborate with IT and business to implement action plans and monitor compliance.
Responsibilities
- Perform analysis of corporate projects, identifying technical and procedural weaknesses related to Information Security and Data Protection;
- Conduct risk assessments on technology assets (systems, networks, security devices, websites and applications) in On-Premises and Cloud Computing environments (IaaS, PaaS, SaaS);
- Work together with IT and Business areas to oversee the implementation of action plans and mitigating controls resulting from risk analyses and project reviews;
- Monitor and report on the progress of action plans related to vulnerabilities and non-conformities, ensuring mitigation within defined deadlines;
- Support the analysis of strategic projects, ensuring compliance with legal, regulatory and corporate security requirements;
- Assess risks and internal controls (technological and procedural), aligning them with good governance practices and industry frameworks;
- Conduct vendor assessments as part of RFP/RFQ/RFI processes, analyzing technology and business risks associated with the procurement of solutions and services;
- Evaluate and approve requests related to Site-to-Site VPNs, ensuring secure integration with external vendors;
- Support the review and update of policies, standards, processes and internal controls related to Information Security, IT Governance and secure development practices;
- Perform triage and routing of requests from the demand management system, ensuring correct prioritization and allocation of tasks.
Requirements
- Proven experience in Risk Management, Project Analysis and Information Security;
- Knowledge of reference frameworks and standards such as ISO/IEC 27001, ISO/IEC 27005, NIST CSF, COBIT and ITIL;
- Experience with Cloud Security (IaaS, PaaS, SaaS) and risk analysis in hybrid environments;
- Knowledge of IT vendor assessment and Third Party Risk Management (TPRM) processes;
- Experience in vulnerability analysis and tracking mitigation plans;
- Knowledge of managing information security policies, standards and controls;
- University degree required, preferably in Information Technology, Information Security, Computer Engineering or related fields.
Benefits
- Flexible Benefits Program
- Medical and Dental Coverage *
- Medication Benefit *
- Wellhub (formerly Gympass) *
- Food and/or Meal Allowance
- Financial Wellness Program
- Private Pension Plan
- Company mobile phone with unlimited data and voice allowance
- Discounts and partnerships with over 3,000 companies and institutions, including discounts on your electricity bill and broadband internet
- Online English course extendable to one family member or friend
- Internal Training and Development Program
- Profit Sharing
- "My First Benefit" - Support for children up to 2 years old
- Daycare Reimbursement (for parents)
- Flexible work models and schedules
- Happy Day - Day off during your birthday month
- Extended leave for maternity, paternity, marriage and adoption
- Transportation Voucher
- And more!
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
RIS Engineer responsible for design, integration, and optimization of intelligent infrastructure systems. Working with DAR Engineering on large - scale projects in Saudi Arabia.
Manager of Risk and Controls leading strategies to mitigate risks in business operations at Arc’teryx. Requires strong experience in risk advisory and collaboration with global partners.
Operational Risk professional managing risks in fintech operations at mylo. Supporting risk identification, assessment, and mitigation for operational processes and third - party relationships.
Technical Data Governance Analyst at Compare the Market responsible for enterprise data catalogue and governance. Collaborating with teams to enhance data accessibility and support AI initiatives.
Graduate Analyst role in Corporate Risk & Broking. Supporting client servicing, account management, and developing technical understanding in the insurance and risk management industry.
Governance & Operation Specialist enhancing service delivery across France and Luxembourg. Engaging with teams to maintain quality frameworks and drive continuous improvement initiatives.
Associate Director in Enterprise Risk Management driving development and oversight of ERM Framework across Waystone Group. Collaborating with senior management and relevant Boards for effective risk management.
Lead the development and oversight of Absa Bank's Control environment with strategic leadership and team management. Ensure risk mitigation and operational integrity in a governance role.
Data Governance Analyst driving enterprise - wide data initiatives at AFL, a leading manufacturer of fiber optic solutions. Engaging stakeholders to enhance data quality and governance practices.