Contact Us

Hybrid Mid-level Information Security Analyst – GRC, White Team

at Evertec

Visit Evertec websiteVisit Evertec LinkedIn

Posted 7 hours ago

Apply now

About the role

  • Analista de Segurança da Informação Pleno at Evertec, ensuring compliance with information security standards. Supporting ISO certifications and risk management in financial technology environment.

Responsibilities

  • Support the maintenance of ISO 27001 and PCI DSS certifications, as well as SOX compliance requirements and Business Continuity;
  • Contribute to compliance with Resolution 498 and other applicable regulatory standards;
  • Develop, review and maintain information security policies, standards, procedures and guidelines;
  • Participate in information security risk assessment activities, including assessments of suppliers, partners, acquisitions and third parties (TPRM);
  • Support ISMS (PDSI) management, monitoring indicators and metrics (KPIs);
  • Participate in information security awareness initiatives and training;
  • Support business continuity management activities, including plans, tests and reviews;
  • Provide support for internal and external audits, assisting with evidence collection, action plans and the follow-up of nonconformities.

Requirements

  • Bachelor’s degree;
  • Solid fundamentals in Information Security and GRC;
  • Practical knowledge of ISO/IEC 27001 (controls, ISMS, audits);
  • Basic understanding of PCI DSS (concepts and general requirements);
  • Experience developing and maintaining security policies, standards and procedures;
  • Understanding of risk management (identification, analysis, treatment and monitoring);
  • Knowledge of Third-Party Risk Management (TPRM);
  • Familiarity with internal and external audits and evidence management;
  • Basic to intermediate knowledge of business continuity (BCM/DRP);
  • Ability to monitor and report information security indicators and KPIs.

Benefits

  • Meal or food allowance;
  • Flexible Benefit (Flash);
  • Health insurance;
  • Partners for psychological, legal, financial and nutritional support (CLUDE, C4LIFE and ASQ);
  • Psicologia Viva (telepsychology service);
  • Dental care;
  • Daycare assistance;
  • Support for children with special needs;
  • Fertility treatment assistance;
  • Extended maternity and paternity leave;
  • Transportation voucher or Home Office Allowance (for telework contracts);
  • Gympass (Wellhub) and TotalPass;
  • Flexible working hours;
  • Life insurance;
  • Employee partnerships club;
  • Partnership with Sesc;
  • Just dress — no dress code;
  • Day off on your birthday;
  • Beca (education incentive program);
  • PPR or bonus — based on achievement of goals and results.

Job title

Mid-level Information Security Analyst – GRC, White Team

Job type

Full Time

Experience level

Mid levelSenior

Salary

Not specified

Degree requirement

Bachelor's Degree

Location requirements

HybridSao PauloBrazil

Report this job

See something inaccurate? Let us know and we'll update the listing.

Report job

Similar roles

Browse all Compliance jobs

Regulatory Specialist

Element Solutions Inc

Japan Regulatory Specialist ensuring compliance for chemical products manufactured and imported into Japan. Managing inquiries and regulatory updates for chemical products sold in Japan.

Onsite Role
JapanCompliance

Regulatory Affairs Assistant

VIDARA

Regulatory Affairs Assistant for VIDARA Group ensuring compliance with EU regulations. Involves administrative support, data management, and communication with suppliers and clients.

Onsite Role
OlenBelgiumCompliance

Application Compliance Specialist

SAP

Compliance Specialist translating compliance and NIS2 requirements for energy trading applications. Supporting documentation standards and collaboration in a hybrid work environment.

Hybrid Role
WarsawPolandCompliance