**LATAM GIS BISO searches for a Business Information Security Officer**
**Responsibilities**:
- Identity and Access Management end-to-end process, including but not limited to: Access Management / Control (RBAC, users, roles, password mgmt., approvals workflow), Authentication/MFA, Privileged Access, Entitlement / Access Review Process, Straight Through Automation, DDAR/PAP, Dormancy, CSDB;
Advise LOB management on risk issues related to information security and recommend actions in support of the bank's wider risk management and compliance programs;
- Collaborate with risk partners on info security critical priorities;
- Support internal, external, and regulatory audit-related evidence generation, deliverables, and action plans;
- Work on regulatory requirements, including being able to deliver on requirements needed for the CMN 4,893 and CVM 35 regulations;
- Close tracking and technical support on Enhanced Remediation Program (ERP) efforts;
- Support leading the regional awareness program according to local needs;
- Interfaces with global programs like Third-Party Information Security Assessment (TPIS), ADSF, etc to support local / regional initiatives;
- Drive required risk culture and partnership with peer technology teams and supported LOB;
- Reporting (e.g.
decks) with proper accountability in regards to quality and needed timeframes;
- Participate in key CIO operating routines to drive information security risk strategy.
**Core skills and requirements**:
- Bachelors and/or Master's degree in Computer Science, Information Technology or related field desirable;
- Experience in Information Security & Technology, preferably having banking / financial institutions background;
Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms (Cloud, PaaS);
- Knowledge on local information and cybersecurity regulatory requirements (e.g.
CVM 4,893 and CVM 35), as well as LGPD and GDPR, in addition to key local market initiatives such as Open Banking and PIX;
- Highly desirable: accredited Information Security certification(s) such as CISSP, CISM, CRISC, CISA;
- Executive presentation and communication skills;
- High collaboration mindset, i.e.
local, regional, and global teamwork.
Capacity to work on operational, tactical, and executive topics simultaneously, for the country and as a key supporter for the LATAM region;
- Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding;
Fluent English and Portuguese required.
Spanish desirable.
**Job Band**:
H5**Shift**:
**Hours Per Week**:
40**Weekly Schedule**:
**Referral Bonus Amount**:
0