Analista de Seguridad de la Información - Pentesting Middle - Híbrido en Alliance It

This position is a  hybrid  position to work from Mexico for US clients. You will be working as a consultant directly with US Clients.

We offer:

100% payroll salary (Nónima)

Health Insurance and Law Benefits Covered

Opportunity to work for US Fortune 500 clients

Vales de despensa

Home-office work

Client :   Reiter Affiliated Company (RAC)

Our office is located Av. Acueducto 6075a-Piso 9, Puerta de Hierro, Zapopan, Jalisco, CP 45116.

Title: Information Security Analyst

Information Security Governance

• Accountable for executing the Information Security Strategy implementation.
• Responsible for maintaining and documenting cybersecurity controls.
• Subject to implement cybersecurity controls.
• Accountable for preparing information Security metrics reports and create dashboards.
• Liable for maintain the information security policy framework.
• Contributes to document Information Security Policy Exceptions.

Risk Management

• Responsible for performing risk assessments and address risks to reduce their impact.
• Subject to document and maintain risk registries.
• Liable for performing vendor risk assessments.
• Accountable for addressing and mitigates cybersecurity risks.
• Accountable for preventing cybersecurity risks.
• Answerable for learning up-to-date new cybersecurity trends and cybersecurity standards or best practices.

Information Security Incidents

• Responsible for pro-active investigation of cybersecurity breaches and cybersecurity incidents.
• Liable for documenting security incidents and determine their impact.

Compliance

• Responsible for facilitating security audits whether performed by organization or 3rd party.
• Accountable for monitoring legal and compliance requirements for IT, Information Security and Privacy.

Awareness

• Responsible for executing the Information Security Awareness Program
• Responsible for training employees about information security topics.
• Liable for performing Information Security Awareness Tests.
• Accountable for monitoring, reporting and improving Information Security Awareness Metrics.
• Accountable for traveling to perform information security awareness on-site trainings.

Security Operations

• Responsible for monitoring security operations and mitigate high risks.
• Accountable for assessing current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement.
• Liable for installing security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
• Subject to perform penetration tests and vulnerability assessments.
• Contributes to execute and maintain business continuity and disaster recovery plans.

Requirements

- 4+ years of experience in Information Security Governance or a similar role.

- Strong understanding of cybersecurity controls and experience in implementing and maintaining them.

- Proven ability to perform risk assessments and document risk registries to mitigate cybersecurity risks.

- Experience in documenting and investigating cybersecurity incidents, including determining their impact.

- Familiarity with legal and compliance requirements related to IT, Information Security, and Privacy.

- Hands-on experience in security operations, including monitoring, vulnerability assessments, and penetration testing.

- Ability to lead Information Security Awareness Programs, including employee training and security awareness tests.

- Proficiency in assessing and maintaining information security policies, ensuring they are up to date with current standards and practices.