Cybersecurity Specialist

Summary

Join QuintoAndar, Latin America's largest real estate ecosystem, as an Information Security Risk Management professional. You will play a crucial role in developing and updating security policies, processes, and procedures, overseeing the third-party risk management program, and conducting risk assessments. This remote-first position, based in Brazil, requires extensive experience in cybersecurity risk management and compliance. You will work with cutting-edge technology and collaborate with a high-performing team. QuintoAndar offers a competitive salary and benefits package, including health and dental plans, life insurance, and extended parental leave.

Requirements

• Proven experience in cybersecurity risk management, compliance, governance, and third-party risk management (7+ years)
• Knowledge in crisis management and business continuity (BCP/DRP)
• Knowledge and previous implementation of Information Security frameworks/standards (such as NIST and ISO 27001)
• Experience designing, implementing, and managing TPRM programs
• Knowledge of the main concepts of Information Security, as well as being up to date with threats and trends in this topic
• Experience with risk analysis techniques, such as identification, assessment and prioritization of risks and qualitative and quantitative risk assessment techniques
• Being familiar with a GRC tools and security technologies
• Proficient communication in English and Portuguese

Responsibilities

• Develop and update Policies, Processes and Procedures related to Information Security processes (in line with Risk Frameworks such as NIST and best practices such as ISO 27001)
• Oversee and enhance the Third-Party Risk Management Program (TPRM), including assessing and monitoring cybersecurity risks associated with vendors and suppliers
• Develop and conduct the information Security Risk Management Program, by monitoring risks and performance indicators
• Perform analysis, validation and reporting on Security Information risks (related to identification, prioritization, treatment and monitoring)
• Monitor the effectiveness of Risk Management initiatives and update risk registers
• Coordinate internal and external security audits, ensuring compliance with regulatory requirements
• Plan and conduct the Information Security Awareness Program
• Act as a liaison between different departments within Grupo QuintoAndar regarding the Security Information Risk Management process

Benefits

• Competitive salary package
• Bonus
• Meal allowance ("Flash benefícios")
• Health plan
• Dental plan (optional)
• Life insurance
• Daycare subsidy
• Subsidy to sports practicing (Wellhub)
• Extended maternity and paternity leave
• Reserved room for breast-feeding
• Discount on our parking lot
• Language learning support
• Free transfer from Vila Madalena and Fradique Coutinho stations to the office
• Free bike rack in our parking lot