Information Security Analyst supporting security practices at Silimed, the leading silicone implant manufacturer in Latin America. Ensuring compliance and resilience in critical OT & IT environments.
About the role
- Cyber Risk Analyst at Semperis safeguarding organizational assets through risk analysis and mitigation. Collaborating with vendors and cross-functional teams to assess and control Cyber Risks.
Responsibilities
- Safeguarding the organization's assets and ensuring operational resilience by identifying and assessing potential Cyber Risks of all incoming vendors, third parties, services, and technology
- Collaborate with cross-functional teams and third-party vendors to request, collect, and analyze pertinent information and collateral
- Conduct technology risk assessments across new and existing applications
- Ensure comprehensive documentation is maintained for all approved and denied exceptions
- Collect, process, and interpret multiple sources of data to model Cyber Risk scenarios and translate findings into measurable business risk statements
- Track risk plan milestones and drive issue management
- Develop mitigation strategies, recommend strategies to reduce, transfer, or avoid Cyber Risks
- Perform security assessments of new and existing third-party vendors and service providers
- Utilize and manage the corporate GRC platform and risk management tools to streamline risk workflows
- Respond to customer, partner, or compliance questionnaires related to product security
- Gather evidence and documentation required for internal and external security audits
Requirements
- 5+ years of relevant experience in Information Security, IT Risk Management, IT Audit, or GRC, with a heavy focus on technology risk
- Deep working knowledge of key GRC concepts, risk assessment methodologies, and industry frameworks (e.g., NIST SP 800-53/CSF, ISO 27001)
- Proven, hands-on experience using and configuring modern GRC platforms for risk management, policy management, and compliance automation. Experience in configuring and using tools such as Archer, ServiceNow, MetricStream or Vanta preferred
- Experience with IT and Security tools, SaaS / other Cloud technologies and/or software development
- Certifications: CRISC, CISM, CISA, or similar recognized security and risk management certifications
- Bachelor’s degree in computer science, Information Security, or a related field
- Must be a US Citizen.
Benefits
- Semperis has been recognized as one of America’s Fastest-Growing Cybersecurity Companies
- a DUNS 100 Top Startup to Work For
- multi-year Inc. Best Workplace awardee
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Security Analyst focusing on incident response and threat intelligence for Infotree Global Solutions. Collaborating on investigations and proactive security analysis across the global enterprise environment.
Security Analyst defending enterprise systems against cyber threats. Supporting threat intelligence and incident response activities in a global biotechnology organization.
Information Security Analyst at ISH. Ensuring cybersecurity through incident management and user support while working in a dynamic team.
Senior Cybersecurity Analyst at Localiza&Co, responsible for securing information systems and data integrity through various cybersecurity measures. Engage in planning and implementing security protocols for cloud integrations.
Information Security Analyst handling security incidents and leading technical initiatives within a retail company. Involves reporting, tool management, and policy development.
Lead Cybersecurity Analyst specializing in Cloud Security for FIS. Assessing security posture of cloud environments and providing actionable remediation strategies.
Network Security Analyst II securing information systems and networks against security threats at Cayuse. Responsible for vulnerability assessments, incident response, and security measures implementation.
Threat Hunting Analyst supporting Sales/Pre - Sales teams demonstrating threat detection capabilities at Bolster. Conducting investigations, analyzing phishing infrastructure, and building customer trust.
Junior Cybersecurity Analyst supporting operational technology security and vulnerability management efforts in a hybrid work environment at Minsait.