GRC Analyst - Colombia

Posted 3 months agoViewed

💎 Seniority level: Middle, 3+ years

📍 Location: Colombia

🗣️ Languages: English

⏳ Experience: 3+ years

🪄 Skills: AgileCommunication SkillsAnalytical SkillsCollaboration

3+ years of experience in a GRC role or similar capacity.
Proven experience in executing and managing internal and external ISO audits.
Strong skills in writing high-quality documentation, audit reports, and compliance summaries.
Agile and adaptable to changing business and regulatory priorities.
Experience with global, collaborative, and virtual team environments.
Proficient in IT governance, security frameworks, and audit methodologies like ISO and GDPR.
Excellent written and verbal communication skills in English.
Previous experience with NIST CSF / NIST 800-53b.
Preferred: Certified Internal Auditor (ISO 27001, ISO 27701, or equivalent).
Desirable: Experience with FedRAMP, familiarity with quality management systems like ISO 9001.

Develop, implement, and maintain the Information Security Management System (ISMS) for GRC coverage across the organization.
Ensure conformance to security standards like ISO 27001 and ISO 27701 for IT systems.
Support risk management activities and prepare for audits, including business continuity exercises.
Develop and enforce information security policies and procedures.
Lead internal audits and support external assessments against various security standards.
Manage vendor security and data privacy questionnaires, coordinating responses.
Collaborate with the Service Delivery Team on information security and security awareness.