We are seeking an experienced IT Security, Risk, and Compliance Manager to lead and manage our organization’s security initiatives. The ideal candidate will have proven experience in cybersecurity, risk management, and compliance, with a focus on SOC2, Security Incident Response, Cybersecurity monitoring tools, and Penetration Testing (PenTesting) in Cloud environments.
This role is critical in safeguarding our digital infrastructure, ensuring compliance with industry regulations, and implementing risk mitigation strategies. The IT Security, Risk, and Compliance Manager will collaborate closely with cross-functional teams to maintain a secure, resilient IT environment.
This position is 100% remote in Colombia.
Develop and implement comprehensive security policies and procedures, ensuring alignment with organizational objectives and regulatory requirements (e.g., SOC2).
Lead cybersecurity initiatives, including vulnerability assessments, Penetration Testing, and security monitoring of cloud-based environments.
Manage and respond to security incidents, coordinating the response team and performing forensic analysis to prevent future occurrences.
Establish and maintain a risk management framework that identifies potential security threats, assesses risks, and ensures timely mitigation.
Oversee the company’s compliance with cybersecurity regulations, ensuring that security controls meet required standards and performing audits to evaluate the effectiveness of these measures.
Implement and optimize cybersecurity monitoring tools (e.g., SIEM, intrusion detection systems) to proactively identify and address vulnerabilities.
Collaborate with IT, legal, and compliance teams to maintain a robust, secure infrastructure that supports business goals.
Lead training and awareness programs to ensure all employees understand their role in maintaining security compliance.
Stay current with the latest cybersecurity trends and technologies, and recommend enhancements to strengthen the organization's security posture.
Bachelor’s degree in Computer Science, Information Security, or a related field. Advanced certifications such as CISSP, CISM, or CRISC are a plus.
Minimum 11 years of general experience.
Minimum of 5 years of experience in cybersecurity, risk management, and compliance leadership or management roles.
Proven experience with SOC2 compliance and Security Incident Response.
Hands-on experience with Cybersecurity monitoring tools and conducting Penetration Testing.
Strong knowledge of Cloud environments and best practices for securing cloud-based infrastructure.
In-depth understanding of risk management frameworks, with the ability to identify and mitigate security risks.
Excellent communication and leadership skills, with the ability to work collaboratively with cross-functional teams.
Ability to work in a fast-paced environment and manage multiple security initiatives simultaneously.
Experience with threat intelligence, SIEM solutions, and incident response automation.
Familiarity with NIST frameworks, ISO 27001, and other relevant security standards.
Strong understanding of data privacy regulations, including GDPR and HIPAA.