HireLatam is a premier recruitment agency that places top Latin American talent in independent contractor roles in US companies. With a proven track record and a commitment to excellence, we're your trusted partner in the pursuit of career success. Our extensive network, personalized approach, and supportive guidance ensure that you're in the best hands to find your next job opportunity.
Job Overview
Position: Remote Cybersecurity Risk Management Senior Analyst (100% Work From Home)
Location: Remote from Latin America
Position Type: Full-time
Salary: $2,000 - $2,500 USD (dependent on experience)
Schedule: Must work Panama hours (8:00 A.M. to 5:00 P.M. or 9:00 A.M. to 6:00 P.M. Monday to Friday, excluding public holidays)
Our Client is a specialized compliance and integrated solutions firm providing high-level Governance, Risk, and Compliance (GRC) support to multinational organizations. This role supports a leading telecommunications giant operating across Latin America and the Caribbean.
The Senior Analyst will drive the GRC function, assessing technology risks across multiple markets and business units, working cross-functionally with cloud, legal, audit, and technology teams.
Key Responsibilities
Cybersecurity Risk Assessments
- Conduct comprehensive risk assessments for applications, infrastructure, cloud environments (SaaS/IaaS), and strategic technology initiatives.
- Evaluate cybersecurity, operational, resiliency, and data protection risks to determine inherent and residual exposure.
- Support risk treatment planning and track remediation activities to ensure security gaps are closed.
Third-Party & Vendor Risk Management
- Lead cybersecurity due diligence for vendors, reviewing SOC reports, ISO certifications, and penetration testing summaries.
- Identify security gaps in third-party environments and provide actionable mitigation recommendations.
- Monitor ongoing vendor security posture and support the onboarding of new service providers.
Governance, Reporting & Compliance
- Maintain and update enterprise cybersecurity risk registers.
- Develop executive-level risk metrics, dashboards, and Key Risk Indicators (KRIs).
- Support internal and external audits, assisting with evidence collection and documentation management.
- Align organizational initiatives with frameworks such as ISO 27001, NIST CSF, PCI DSS, and SOC 2.
Qualifications, Skills and Key Competencies
Required Qualifications
- Education: Bachelor's degree in Cybersecurity, Information Technology, Engineering, or Risk Management.
- Experience: 6+ years in cybersecurity risk management, IT audit, or security compliance.
- Core Expertise: Mandatory experience performing cybersecurity and technology risk assessments in an enterprise environment.
- Technical Knowledge: Strong understanding of cloud security, Identity & Access Management (IAM), vulnerability management, and data privacy.
- Language: Professional proficiency in English (Mandatory) and Spanish.
- Frameworks: Familiarity with ISO 27001, NIST CSF, COBIT, and PCI DSS.
Preferred Qualifications
- Certifications: CRISC, CISA, CISSP, or ISO 27001 Lead Auditor.
- Experience in telecommunications, financial services, or other highly regulated sectors.
- Proficiency with GRC platforms such as Archer, AuditBoard, or ServiceNow.
- Exposure to cyber risk quantification methodologies.
Application Requirements
- Voice/Video Recording: A 30+ second recording in English is REQUIRED. Submissions without this will be disqualified.
- Knockout Questions: Applications include mandatory questions to verify minimum qualifications.
- Location: Only candidates based in Latin America will be considered.
- Communication: Check your email and spam folders for updates.