Introduction
Claire Joster is currently recruiting for a reference client in the Financial Services area, which intends to strengthen its internal structure with the integration of an IT GRC Specialist (m/f).
Role
• Follow up on and report local security risks and define control measures of IS / Compliance content;
• Monitor and report IT Internal Control System (IT-ICS);
• Promote the best practices in security controls through the organization of security awareness trainings;
• Investigate and respond to security threats and incidents;
• Operate and monitor a proper ISMS (Information Security Management System);
• Identify and assess local laws and regulatory requirements regarding their effect on IT in coordination with the Legal area and CICO;
• Identify new or changed subgroup-wide requirements (IT Standards) in coordination with the GRC Lead;
• Monitor and report IT compliance requirements status;
• Support the team to execute and deploy overall IT Coordination activities within the scope of the client responsibilities;
• Provide guidance, coaching, and mentorship to team members and process owners;
• Support on required GRC general tasks.
Requirements
• 1-2 years of IT compliance and security operations in the financial sector;
• Degree in Computer Science or Information Technology;
• COBIT and/or ITIL knowledge (proven certification is an advantage);
• Extensive experience in managing emails and tickets with support of tools such as Microsoft 365 and JIRA, as well as prioritizing an optimized processing workflow;
• Expertise in supporting organizations through changes related to governance, risk, and compliance frameworks and processes;
• Previous experience in Information Security Management System is a plus;
• Understanding of enterprise IT security architecture, processes, concepts, and best practices;
• Comprehensive expertise in regulatory requirements and standards;
• Creation and monitoring of dashboards and preparation of reports to provide transparency to the stakeholders;
• Experience in audit support for financial services companies;
• Technical skills on Information Security topics are an advantage;
• Ability to deliver training to staff and stakeholders on governance, risk, and compliance topics;
• Ability for teamwork and good team spirit is mandatory.