Busines information security officer analyst

Responsibility

The BISO Analyst will support their assigned department by contributing to the development of security architecture, enhancing our cloud computing security posture, and assisting with technology risk assessments. The ideal candidate will have foundational knowledge in guiding principles for secure cloud environments and will be keen on developing their skills further in multiple areas of IT Security disciplines such as Application Security, Red Team activities, vendor risk management, and compliance controls. This role involves executive-level communication and requires contributions to IT Security Risk Management (GRC) efforts and risk reduction initiatives.

 

Activities

·         Assist in the execution of security projects by identifying operational needs; contributing to the development and update of procedures and policies.

·         Support cross-functional collaboration to achieve objectives and priorities, translating business strategy into technical requirements.

·         Participate in risk assessment processes for the assigned technology portfolio, providing insights on potential risks and suggesting mitigation strategies.

·         Collaborate with key stakeholders to build consensus on security roadmaps and mitigation strategies.

·         Support the establishment and enforcement of assessment criteria based on information risk, business criticality, and compliance requirements.

·         Contribute to security assessment activities, ensuring control environments are validated.

·         Practice self-leadership and engage in continuous learning by seeking feedback and participating in cross-functional relationships to drive projects forward.

·         Support a team of IT consultants by contributing to the development of requirements for process or system solutions across multiple business domains.

·         Assist in the documentation of business cases to assess the costs, benefits, ROI, and Total Cost of Ownership (TCO) of proposed solutions.

·         Support the mapping of current processes against future state processes and contribute to solution design discussions.

·         Engage in continuous process improvement by participating in the development and maintenance of standardized tools, templates, and processes.

Required knowledge

·         Minimum four (4) years of experience in IT risk management, governance, compliance, or security.

·         Bachelor's degree in Business Administration, Computer Science, CIS, or a related field OR four (4) additional years of experience in IT consulting, business analysis, or a related field in lieu of a degree.

·         Familiarity with IT security principles, cloud security frameworks, and risk assessment methodologies.

·         Strong communication skills and the ability to work collaboratively with cross-functional teams.

·         A commitment to continuous learning and professional development in the cybersecurity field.

 

Competencies, skills and experience

 

·         Experience in supporting IT Security projects and initiatives.

·         Knowledge of cybersecurity trends and best practices.

·         Certifications in cybersecurity, risk management, or cloud security (e.g., Security+, CISSP, CRISC, CCSK) are a plus.

 

Benefits

• 20 vacation days per year
• Aguinaldo Superior
• Major and minor medical insurance expenses
• Grocery vouchers
• Learning Platform