Identify and manage technology risks related to Information Security and Data Protection for TIM. Collaborate with IT and business to implement action plans and monitor compliance.
Responsibilities
Perform analysis of corporate projects, identifying technical and procedural weaknesses related to Information Security and Data Protection;
Conduct risk assessments on technology assets (systems, networks, security devices, websites and applications) in On-Premises and Cloud Computing environments (IaaS, PaaS, SaaS);
Work together with IT and Business areas to oversee the implementation of action plans and mitigating controls resulting from risk analyses and project reviews;
Monitor and report on the progress of action plans related to vulnerabilities and non-conformities, ensuring mitigation within defined deadlines;
Support the analysis of strategic projects, ensuring compliance with legal, regulatory and corporate security requirements;
Assess risks and internal controls (technological and procedural), aligning them with good governance practices and industry frameworks;
Conduct vendor assessments as part of RFP/RFQ/RFI processes, analyzing technology and business risks associated with the procurement of solutions and services;
Evaluate and approve requests related to Site-to-Site VPNs, ensuring secure integration with external vendors;
Support the review and update of policies, standards, processes and internal controls related to Information Security, IT Governance and secure development practices;
Perform triage and routing of requests from the demand management system, ensuring correct prioritization and allocation of tasks.
Requirements
Proven experience in Risk Management, Project Analysis and Information Security;
Knowledge of reference frameworks and standards such as ISO/IEC 27001, ISO/IEC 27005, NIST CSF, COBIT and ITIL;
Experience with Cloud Security (IaaS, PaaS, SaaS) and risk analysis in hybrid environments;
Knowledge of IT vendor assessment and Third Party Risk Management (TPRM) processes;
Experience in vulnerability analysis and tracking mitigation plans;
Knowledge of managing information security policies, standards and controls;
University degree required, preferably in Information Technology, Information Security, Computer Engineering or related fields.
Benefits
Flexible Benefits Program
Medical and Dental Coverage *
Medication Benefit *
Wellhub (formerly Gympass) *
Food and/or Meal Allowance
Financial Wellness Program
Private Pension Plan
Company mobile phone with unlimited data and voice allowance
Discounts and partnerships with over 3,000 companies and institutions, including discounts on your electricity bill and broadband internet
Online English course extendable to one family member or friend
Internal Training and Development Program
Profit Sharing
"My First Benefit" - Support for children up to 2 years old
Daycare Reimbursement (for parents)
Flexible work models and schedules
Happy Day - Day off during your birthday month
Extended leave for maternity, paternity, marriage and adoption