Our information security specialist develops and implements comprehensive information security programs that include the definition security policies, processes and standards. They perform audit evaluations and define processes and standards to ensure that Security controls are maintained and other applicable security requirements are implemented. They provide advisory guidance. in the development of information security strategies and programs. They lead efforts, monitor work results, provide formal services. train and serve as a technical resource for information security team members. Licenses: 1. ISO27001:2022 internal or lead auditor (Required). 2. Certified in Risk and Information Systems Control (CRISC) (Required) 3. Certified Information Systems Security Professional (CISSP) (Desirable). Essential Functions The essential functions listed represent the major duties of this role, additional duties may be assigned. Identify, design, implement, and audit the information security controls to mitigate existing risks in the organization according to the guidelines and objectives established. Execute high-complexity information security and privacy projects and initiatives focused on achieving the organization’s corporate security objectives. Develop security and privacy policies and standards according to the business vision, objectives, and requirements, identifying security and privacy needs in the various business processes that handle information. Lead the execution of controls associated with disaster recovery (DRP) for the organization’s core processes. Perform high-complexity tasks required for the identification, classification, containment, recovery, and lessons learned from the information security incident response model established by the organization. Monitor compliance with the security framework established for the organization. Address high-complexity service catalog requests from the Information Security Management. Respond to level 3 information security requirements and inquiries Develops information security processes, policies and procedures. Advises on service level agreements and works to ensure that security controls are managed and maintained. Serves as a liaison and lead on audit-related initiatives managing relationships, collection of data, progression tracking, assessment and remedial activities. Works with IT leadership to develop strategies and plans to enforce security requirements and address identified risks. Participates in initiatives to identify, select and implement technical controls. Analyzes, proposes and implements solutions concerning residual risk, vulnerabilities and other security exposures. Proactively identifies company-wide program opportunities and works to implement solutions. Guides the direction of the overall information security program. Serves as a liaison with IT and business area partners to identify, understand, document and advise on security requirements, impacts and risks. Develops and maintains documentation for security systems, procedures and security diagrams Validates that technical and operational information security controls are incorporated into new IT systems by participating in all business planning groups and reviewing all new systems/installations and major changes Assists and supports the development of security architecture. Profesional Senior 1886490805 #J-18808-Ljbffr