Purpose The Security Analyst is the local security professional assigned to a Conduent Business Unit(s), Site or Strategic function / initiative. The Security Analyst is responsible for ensuring good security risk management practices are adhered to within their assigned area. They will ensure compliance with Conduent security policy within their site or technology domain, perform assessments, develop recommendations to close compliance gaps, investigate security/compliance incidents, and maintain a security scorecard that measures risk in their assigned area of responsibility. The Security Analyst will ensure that business propositions and initiatives are reviewed for security policy compliance and engage Conduent cross functional partners as needed to reduce security risks. They will be commercially aware and compliance oriented. Responsibilities The Security Analyst is responsible for: Leading assessment activities by leveraging governance processes, and security or audit experience, to ensure compliance with Conduent security policy. Leveraging experience with logical and physical security practices as well as technical and administrative controls to ensure compliance. Understanding use cases underlying processes and tools, and the interaction with security controls, and how each may impact the other. Identification of actual or potential gaps between current practices and desired security controls, identification of requirements for new solutions, and developing options to address them. Building a business case for implementing controls required to meet requirements or close gaps. Serves as a security and compliance subject matter expert for a site or technology domain, advising security peers and cross functional partners in Operations, IT, Facilities, HR and other functional areas, working with the same to mitigate risk. Increasing security awareness among cross functional partners for the assigned site or technology domain. Maintaining a risk scorecard, including at least a corrective action plan and incident register, for the site or technology domain assigned. Leading security and compliance activities and related goals for both a site and a technology domain, including serving as the customer point of contact for same. Leading inititives involving more than one site The analyst will also: Work collaboratively with a diverse, global, and multicultural community. Maintain confidentiality of work-related information and materials. Establish and maintain effective working relationships. Present information at various levels of the organization. Stay up to date on security industry trends. Qualifications Candidate Education: Bachelor's Degree, or equivalent work experience. Professional Certifications: Certification in one or more areas of project management, information security, audit or cyber security (i.e., SSCP, CISA or CISSP) required. Workplace: Av. das Nações Unidas, 17891 - Jardim Dom Bosco, São Paulo - SP, 04723-002

Número de vagas: 1

Tipo de contrato e Jornada: Efetivo – CLT - Período Integral

Área Profissional: Analista em Informática, TI, Telecomunicações - Segurança da Informação

Denunciar Vaga