Job Title: Governance, Risk and Compliance Associate (NON Lawyers)
Job Description:
This role will be focused on security operations delivery for the assigned Client Program. Participate in establishing a program to deter, detect and mitigate risks, including establishing capability to monitor and audit information, evaluate personnel security information, establish employee awareness, driving assurance test and supporting internal and external audits.
In our Information Technology and Global Security team, you will deliver cutting-edge technology infrastructure, transformative software solutions and industry-leading global security for our staff and clients. You will work with the best in the world to design, implement and strategize IT, security, application development, innovation, and solutions in today's hyperconnected world. You will be part of the technology team that is core to our vision of design, build and run the future of CX.
We're a remote-first company looking for the absolute best talent in the world.
Responsibilities:
- Activities include conducting server and network device security health checks, infrastructure vulnerability assessment(s), identity validation and summary reports detailing findings for improvement.
- Conduct and oversee all time bound IT Security Calendar Activities like TCP/IP scanning, ID validation, health checks, log(s) review, anti-virus management, server patch management and ensure closure of all related tasks.
- Participate in establishing a program to mitigate risks including the capability to monitor and audit information, evaluate personnel security information, establish employee awareness, drive assurance testing and support internal and external audits.
- Ensure compliance to all IT Security Operations' processes such as ensuring processes are executed, processes are measured and confirmation of corrective actions.
- Implement information security measures as per client contracts/specifications.
- Assess Client requirements and interpret contractual obligations to ensure compliance to those requirements are met at respective location.
- Manage the required information security testing performed by the operations teams, CNX/Client/Internal/Standards (PCI, ISO 27001, SSAE186).
- Facilitate and analyze pre-and post-audit deliverables and their understanding of IT/GS security standards.
- Manage and analyze customer Client audits, assessments and inspections, to include determination of pre-audit and post audit deliverables, pre-audit preparations and execution of remediation plans.
- Make recommendations for correction for any information security audit findings.
- Be a subject matter expert of Global Security requirements including regulatory, cross local/country laws and contract interpretation.
- Ensure compliance to Contact Center Security Responsibility (CCSR) without undue impact to Operations.
- Manage documentation for all information security procedures to improve levels of service, efficiency and meet quality standards.
Candidate Profile:
- Bachelor's Degree in related fields
- 2-3 years' of experience in IT, IT security, audit, risk and/or compliance (or internal candidates with specific program knowledge)
- Advanced English level
- Knowledge or prior experience with IT security tools such as those for vulnerability scanning, end point monitoring, etc.
- Experience with MS Office tools, Mac tools, collaboration tools such as SharePoint.
- Schedule Flexibility
Location: BRA Sao Paulo - Agua Branca
Language Requirements:
Time Type: Full time
If you are a California resident, by submitting your information, you acknowledge that you have read and have access to the Job Applicant Privacy Notice for California Residents.