Empleo de Senior Risk & Compliance Specialist - Advanced English - In-person Monterrey, N.L en Monterrey, Nuevo León - Vacante 103407 - MX

Publicado hace 16 días.

Senior Risk & Compliance Specialist - Advanced English - In-person Monterrey, N.L en DEINTEC

Sueldo oculto

Nuevo León

Empleado de tiempo completo

Inglés : Nivel Avanzado

Are you looking to be part of a leading, innovative, inclusive and collaborative company that allows you to grow and balance your personal and work life?


If so, congratulations! DEINTEC is for you. We are a 100% Mexican consulting company, specialized in Information Technology that collaborates with clients from various sectors (such as: pharmaceutical, metallurgical, technological, gases, etc.) and countries, and we are looking for people passionate about IT, like you .


Discover below the vacancy we have for you!

 

OT Risk & Compliance Sr


  • Education: Career in computing or related field
  • Availability: Immediate
  • Language: Advanced English
  • Minimum experience: +3 years


We offer

  • Attractive salary that is in line with your experience and the opportunity for economic growth
  • Legal benefits (such as: vacation bonus, IMSS, Christmas bonus, etc.) 
  • Working: Monday to Friday
  • Time: Determined (12 MONTHS)
  • Work location and format: In-person. Monterrey, Nuevo León, México


Job Description

  • Define OT Cybersecurity steering committee and advisory board.
  • Policy management, security awareness for OT
  • Ensure Cybersecurity compliance in OT environments with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.


Requirements

Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, the typical work experience and educational background of candidates in this role are as follows:

  • BS or MA in computer science, information security, cybersecurity or a related field
  • 3+ years of experience in an IT audit or enterprise risk management (ERM) role
  • 3+ years of experience with regulatory compliance and information security management frameworks (e.g., IS0 27000, COBIT, NIST 800, etc.)
  • Desired, but not required:
  • Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM)
  • Knowledge on NIST 800 OT cybersecurity controls


S kills

Candidates will be evaluated based on their ability to perform the task and responsibilities listed previously while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include:

  • An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business
  • An understanding of organizational mission, values and goals, and consistent application of this knowledge
  • An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner
  •  Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
  •  An ability to effectively influence others to modify their opinions, plans or behaviors
  •  Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, and effectively assessing the priority and time required to complete each part
  • An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners outside cybersecurity in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance
  • Strong problem-solving and trouble-shooting skills


Responsibilities

  • Define OT Cybersecurity policies.
  • Develop metrics framework that effectively measures Cybersecurity risks for OT
  • Performs OT risk assessments of existing or new services and technologies, along with business counterparts.
  • Define OT Security Standards (NIST, IEC, etc.) coordinate implementation and certifications with OT Regional and Local Teams
  • Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.
  • Communicates risk assessment findings to risk owners and custodians and governance teams.
  • Follow all OT Cybersecurity risk remediation protocols to ensure issues are mitigated, risks are accounted for, and exceptions are tracked in accordance with frameworks, policies and standards set by the organization.
  • Assists to perform and responding to audits, penetration tests and vulnerability assessments.
  • Develops, reviews, implements and maintains targeted Cybersecurity awareness program to mitigate human risks on OT environments.
  • Coordinate with IT Cybersecurity Governance Risk & Compliance team


If you fit the profile, apply!