Postúlate en Kit Empleo: kitempleo.com.co/empleo/1aauou

Be part of the information security team to support Fifty5Blue's mission to keep our business secure by ensuring that policies, processes and best practices are followed. The role ensures compliance with all external and internal audit and regulatory requirements and is responsible for identifying and managing risks and controls to protect the confidentiality, availability and integrity of Fifty5Blue's data.

Responsibilities

- Develop, implement, and maintain the information security risk management framework aligned with recognized standards
- Conduct periodic risk assessments
- Support business and technology areas in identifying, recording, categorizing, and prioritizing security risks.
- Generate and maintain the Risk Register and monitor the treatment lifecycle through closure
- Support the definition of the new risk management solution
- Support the integration of security risk management into the corporate risk management process
- Define and monitor key risk indicators (KRIs) and key performance indicators (KPIs)
- Plan, implement and maintain the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)
- Conduct and periodically review Business Impact Analysis (BIA) to identify critical processes and maximum recovery times




- Lead or support continuity and recovery tests and simulations (tabletop exercises, failover tests, etc.)
- Support in ISO 27001 / ISO 27701 certification
- Support internal and external audits, including the preparation of evidence and follow-up of remediation plans
- Develop and review policies, standards, procedures and general templates
- To help maintain compliance with internal guidelines, as well as external laws and regulations

Experience

- Experience of more than 6 years of experience in Information Security / Cyber Security
- Experience in information security risk management
- Experience in business continuity
- Good communication, influencing skills, and high attention to detail
- Develops and maintains good working relationships with stakeholders, colleagues, and business partners

Qualification

- Qualified bachelor's degree in IT or equivalent
- Advanced English
- Proficient in Microsoft Excel, Word, and PowerPoint
- Knowledge of information security and data privacy frameworks, laws and regulations, such as ISO 27001/27002/27005/22301, COSO, DRI, NIST, LGPD, GDPR, etc.
- Information security, risk management and business continuity certifications

#J-18808-Ljbffr

Postúlate en Kit Empleo: kitempleo.com.co/empleo/1aauou

📌 Senior Information Security Analyst (Colombia)
🏢 Ibope
📍 Colombia