Hoy
if digital transformation, next-generation technology, and growth opportunities excite you, then join our netcracker technology team! Our culture and collaborative work environment are the keys to our success. Here you will work with the best in class global teams, earn a competitive salary and contribute to the largest digital transformations around the world.
what’s in it for you?
at netcracker, we are all entrepreneurs. This means we get creative when thinking of technical solutions, we explore possibilities and innovations and get excited about new technology. We take complete ownership of our roles and aren’t micromanaged or left feeling like just another number. The results we achieve are highly visible to our leadership team and we are recognized for our work and promoted accordingly.
position summary: this is an exciting role that will support a variety of audit, compliance and security initiatives. The individual will own the complete life cycle of internal audits, client-requested audits, and compliance reviews. The senior is auditor must have the ability to drive key relationships and collaborate with internal and external stakeholders to identify and manage operational and security risks. This position will also be a key interface with external auditors. This role will have direct influence over ongoing transformation of netcracker's security posture.
role and responsibilities:
* continually monitor the netcracker it control environment and identify key risks, related controls and gaps
* understand and drive adherence to corporate security policies and procedures
* maintain the rcm and track findings
* bridge cross-functional conversations to address control enhancement and finding remediation
* manage internal audits, external audits, and compliance reviews (e.g., ssae 18, pci-dss, iso)
* stay abreast of regulation and compliance changes and create awareness for control owners
* draft management attestations and representation letters
* conduct periodic risk assessments (e.g., vendor, insider threat, sans top 20)
* act as a liaison between internal and external stakeholders on it controls and compliance areas
* assist with privacy compliance projects (e.g., gdpr, data privacy framework)
* participate in various risk management initiatives and projects, as assigned
required experience:
* 2-4 years' experience in big 4 it audit experience preferred
* 3-5 years in information security, it audit and/or it risk management experience a plus
* cism, cissp, cia or cisa a plus
* working knowledge and understanding of coso, cobit, iia ippf, ssae 18, pci-dss, iso 27001/27018/22301, nist 800 standards and frameworks
* excellent project management skills with the ability to meet tight deadlines
* strong verbal and written communication skills
* interpersonal skills with emphasis on collaboration, influencing and building long-term relationships
* proactively seeks guidance but can also work independently
* familiarity with grc platforms
education:
* bachelor degree in information systems auditing, computer science, or related field
li-tm1
it security and compliance senior specialist
hoy
about it in nestlé
we are a team of it professionals from many countries and diverse backgrounds, each with unique missions and challenges in the biggest health, nutrition and wellness company of the world. We innovate every day through forward-looking technologies to create opportunities for nestlé’s digital challenges with our consumers, customers and at the workplace. We collaborate with our business partners around the world to deliver standardized, integrated technology products and services to create tangible business value.
under the supervision and guidance of her/his primary community of practice lead the functional relationship manager (frm) helps opco with specific solutions/services within a market, for a specific stream, in close collabration with their counterparts in the regional teams (global & nim). S/he acts as the single point of focus between an organization’s senior leadership and multiple it product managers to avoid complexity from the it receiver point of view and to provide a clear accountability for them. Frms advocate product portfolio, identify needs for additional value delivery or integration between product groups, if needed in coordination with all teams across it.
position snapshot
* location: nestlé méxico
* stream: it security & compliance
* type of contract: permanent
key responsibilities:
* orchestrating internal and external multi-functional stakeholders to define, validate and refine product vision, strategy, definitions and roadmaps
* alignment with is/it governance
* opco stakeholders/receivers management and alignment. Attend their qor, mor, and wor as necessary
* align with globe portfolio management on the needs of the opco's mbs/stakeholders/receivers
* represent the opco in discussion with globe portfolio management
* facilitate and coordinate the availability of functional resources/super users to provide business requirements, test/accept solution, and handle end-user change management activities
* ensure project deliverables are tracking to plan
* represent opco's interest on steering committees
* escalate items not getting appropriate attention including nbe approval, projects, and issues
* maintain prioritized list of projects, brs, and critical issues
* ensure nppc su network is receiving the necessary learning/training
* support merger, divestiture, and acquisition
* manage and prioritize all new requests with receivers
* participates in is/it governance processes that enable prioritization across multiple options
* supports business governance processes (e.g., automation that would remove business headcounts or drastically impact business ways of working)
* translate business risk appetite into requirements for the full product stack
develops high performing teams and aligns with the people processes: context, talent, development, performance, and recognition with examples provided.
required profile:
* bachelor’s degree or higher, preferably computer science or field related to the product
* iso27000 or iso27001 certification
* demonstrated experience in a product based is/it organization
* 5+ years experience in is/it (e.g. Ba, pm, etc.)
* proven track record of ownership and delivering results in a fast-paced environment
* experience with communication at different levels in english
* experience working in a global environment and with virtual teams
security analyst ii, threat detection (english)
hoy
minimum qualifications:
* bachelor's degree or equivalent practical experience
* 2 years of experience in data analysis, identifying trends, generating statistics, and insights
* 2 years of experience managing projects and defining scope and deliverables
* english and spanish proficiency
* ability to work non-standard hours
preferred qualifications:
* security+ or similar certification
* automation via coding or scripting
* experience analyzing, triaging, remediating incidents
* understanding attacker tactics/tools/techniques
* independent work, prioritization, multitasking
* problem-solving and investigative skills
about the job:
the detection team develops and maintains signals, tools and infrastructure for threat hunting and malware indicator analysis. In this role you will create and maintain the safest operating environment for google's users and developers, defend network boundaries, monitor systems for attacks and identify vulnerabilities. The core team builds foundational elements across google products.
responsibilities:
* search for anomalous activity via manual hunting at alphabet scale
* escalate complex incidents to detection and response teams
* lead response to low severity incidents
* support response to high/medium severity incidents
* analyze security alerts in siem and other sources
google is an equal opportunity employer. See google's eeo policy and accommodations for applicants form for accommodations.
security analyst i, threat detection (english)
hoy
minimum qualifications:
* bachelor's degree or equivalent practical experience
* 1 year data analysis experience
* 1 year project management experience
* english and spanish proficiency
preferred qualifications:
* security+ or similar
* automation scripting
* experience analyzing security incidents
* attacker tactics/tools/techniques
about the job:
same as above for detection and core teams at google.
security analyst iii, threat detection (english, spanish)
hoy
minimum qualifications:
* bachelor's degree or equivalent
* 7 years of cyber security or threat analysis
* 4 years in incident analysis or soc
* english and spanish proficiency
preferred qualifications:
* security+ or similar
* automation scripting
* incident remediation and siem experience
* strong problem-solving and communication skills
about the job:
responsibilities include responsibilities similar to other security analyst roles with google's core/detection teams.
information security tpisa analyst
hoy
the info sec prof senior analyst leads efforts to prevent and respond to breaches in alignment with citi's policy. Responsibilities include risk identification, evidence collection, policy interpretation, training, compliance validation, mentorship, and independent work capability.
responsibilities:
* identify is risks and recommend enhancements
* coordinate with compliance and auditing agencies
* communicate complex topics
* ensure controls are used daily and remediation follows
* provide is consulting and define standards
* educate on safe practices and regulatory updates
* validate policy compliance and resolve issues
* mentor teammates
qualifications:
* 5-8 years of relevant experience
* strong communication and influencing skills
* bachelor's degree or equivalent
education:
* bachelor's degree or equivalent
activities and other notes: third-party information security assessments for latam region; citi tpisa process and governance details are included here and described above in responsibilities and qualifications.
security analyst iii, threat detection (english, spanish) – td synnex
hoy
overview and responsibilities are described similarly to td synnex security roles: monitoring, incident handling, threat detection, and security policy governance. Requirements include 4+ years of experience, a 4-year degree, and a broad set of technical capabilities across siem, vulnerability management, and incident response.
what's in it for you?
* elective benefits tailored to country
* career growth through leadership and development programs
* well-being programs
* diversity, equity & inclusion
* onboarding programs and community involvement
join our td synnex team to connect the world with the power of technology.
cyber security defense analyst (remote) – td synnex
hoy
overview:
td synnex defense analyst uses defensive measures to identify, analyze, and report security events. Responsibilities include log management, incident handling, policy understanding, and capability improvements. Must be available for on-call.
responsibilities:
* characterize and analyze logs and traffic
* capture and analyze system logs
* collect intrusion artifacts for mitigation
* investigate across data sets
* security incident handling
* policy and governance reviews
* support major implementations and provide training
minimum requirements:
* 4+ years of relevant experience
* 4-year degree or equivalent
critical skills:
* defensive operations and siem/tools expertise
* ioc usage, troubleshooting, and threat detection
* strong problem-solving and analytical skills
additional knowledge:
* security operations center experience
* certifications (cissp, cisa, giac, security plus)
* automation, scripting, cloud security
cultural competency:
td tech values diversity and inclusive collaboration across teams and regions.
join us to connect the world with technology.
#j-18808-ljbffr