Senior GRC Security Specialist, Colombia We are tech transformation specialists, uniting human expertise with AI to create scalable tech solutions. With over 7,400 CI&Ters; around the world, we’ve built partnerships with more than 1,000 clients during our 30 years of history. Artificial Intelligence is our reality. Hi There, This is Laura from CI&T;! I am a Talent Attracting Analyst looking for people located in Colombia for a Senior GRC Security Analyst to join our team. The GRC Security Analyst will play a key role in maintaining and enhancing our Cybersecurity Risk Management Process while ensuring adherence to industry standards and regulatory requirements in the medical device sector. This position requires a detail-oriented and proactive individual. Responsibilities: - Enterprise Cybersecurity Risk Management: Continuously identify, log, and analyze control nonconformities and unresolved/high-risk vulnerabilities across different sources. Maintain the Risk Registry and deliver timely risk treatment updates and reports to stakeholders. - Third-party Cybersecurity Risk Assessments: Conduct annually, ensuring alignment with internal risk standards and external compliance requirements. - Cybersecurity Controls Monitoring: Maintain and enhance the cybersecurity control framework by mapping existing controls, collecting evidence of execution, identifying gaps or nonconformities, and aligning overlapping requirements under a unified structure. Ensure adherence to frameworks such as HITRUST, HIPAA, and Spain ENS certification. - Policies and Procedures Development: Create and maintain cybersecurity-related policies and procedures, ensuring documentation complies with regulatory and contractual standards. Requirements for this challenge: - Advanced English for communication with international clients - Excellent communication skills, with the ability to collaborate effectively with technical and non-technical stakeholders. - Strong analytical and problem-solving skills, with the ability to make informed decisions in high-pressure situations. - Experience conducting cybersecurity risk assessments, identifying vulnerabilities, and recommending mitigation strategies. - Ability to collaborate with cross-functional teams to ensure effective communication and implementation of GRC policies, procedures, and controls. - Experience leading efforts to maintain and update GRC documentation, including risk assessments, policies, and procedures. - Participation in internal and external audits, providing support and documentation to demonstrate compliance. - Strong understanding of GRC frameworks, industry standards, and regulatory requirements. - Excellent analytical skills, attention to detail, and ability to work independently and in teams. We look forward to receiving your application and working together to drive our success. #LI-LO1 Our benefits include: - Maternity and Parental leaves - Mobile services subsidy - Sick pay and Life insurance - CI&T; University - Colombian Holidays - Paid Vacations - And many others. Collaboration is our superpower, diversity unites us, and excellence is our standard. We value diverse identities and life experiences, fostering a diverse, inclusive, and safe work environment. We encourage applications from diverse and underrepresented groups to our job positions. #J-18808-Ljbffr