Senior GRC Security Specialist, Colombia We are tech transformation specialists, uniting human expertise with AI to create scalable tech solutions. With over 7,400 CI&Ters around the world, we’ve built partnerships with more than 1,000 clients during our 30 years of history. Artificial Intelligence is our reality. Hi There, This is Laura from CI&T! I am a Talent Attracting Analyst looking for people located in Colombia for a Senior GRC Security Analyst to join our team. The GRC Security Analyst will play a key role in maintaining and enhancing our Cybersecurity Risk Management Process while ensuring adherence to industry standards and regulatory requirements in the medical device sector. This position requires a detail-oriented and proactive individual. Responsibilities: Enterprise Cybersecurity Risk Management: Continuously identify, log, and analyze control nonconformities and unresolved/high-risk vulnerabilities across different sources. Maintain the Risk Registry and deliver timely risk treatment updates and reports to stakeholders. Third-party Cybersecurity Risk Assessments: Conduct annually, ensuring alignment with internal risk standards and external compliance requirements. Cybersecurity Controls Monitoring: Maintain and enhance the cybersecurity control framework by mapping existing controls, collecting evidence of execution, identifying gaps or nonconformities, and aligning overlapping requirements under a unified structure. Ensure adherence to frameworks such as HITRUST, HIPAA, and Spain ENS certification. Policies and Procedures Development: Create and maintain cybersecurity-related policies and procedures, ensuring documentation complies with regulatory and contractual standards. Requirements for this challenge: Advanced English for communication with international clients Excellent communication skills, with the ability to collaborate effectively with technical and non-technical stakeholders. Strong analytical and problem-solving skills, with the ability to make informed decisions in high-pressure situations. Experience conducting cybersecurity risk assessments, identifying vulnerabilities, and recommending mitigation strategies. Ability to collaborate with cross-functional teams to ensure effective communication and implementation of GRC policies, procedures, and controls. Experience leading efforts to maintain and update GRC documentation, including risk assessments, policies, and procedures. Participation in internal and external audits, providing support and documentation to demonstrate compliance. Strong understanding of GRC frameworks, industry standards, and regulatory requirements. Excellent analytical skills, attention to detail, and ability to work independently and in teams. We look forward to receiving your application and working together to drive our success. #LI-LO1 Our benefits include: Maternity and Parental leaves Mobile services subsidy Sick pay and Life insurance CI&T University Colombian Holidays Paid Vacations And many others. Collaboration is our superpower, diversity unites us, and excellence is our standard. We value diverse identities and life experiences, fostering a diverse, inclusive, and safe work environment. We encourage applications from diverse and underrepresented groups to our job positions. #J-18808-Ljbffr