21 Ofertas de Cism en Mexico
Manager - Information Security - TEMPORAL
Marriott
Publicado hace 19 días
Trabajo visto
Descripción Del Trabajo
**Additional Information**
**Job Number**
**Job Category** Information Technology
**Location** Mexico Regional Office, Ejercito Nacional No. 350 Suite 4C, Mexico City, MÉX, Mexico, 11560VIEW ON MAP ( Full Time
**Located Remotely?** Y
**Position Type** Management
**JOB SUMMARY:**
The Manager, Continent Information Security Partnerships, Property Security Reviews & Audits, is a key role in continent security aspects relating to planning, executing and managing the Marriott Security Assessment program, providing the necessary support to above property and on property teams. The objective for this role is to attain maximum security compliance status and ensure that all IT Operations in the continent follow the company security standards. Enforce Marriott Security Standards and requirements for properties. The role will perform tracking and reporting on the established security policies and processes as implemented at the hotels and will have a direct reporting line to the Senior Director/Director, Continent Information Security Partnerships.
This position maintains strong relationships with and provides support to Property teams, Area IT Leaders with continent IT operations and provides assistance in liaising with additional teams within Information Security and will require to travel for up to 75% of the work capacity.
**CANDIDATE PROFILE**
**Education and Experience** **Required** :
Education and Experience
+ 5+ years Information Technology or information security work experience including:
+ 3+ years in executing technology plans and/or information security projects, programs, and/or portfolios
+ 2+ years' in implementing enterprise security risk management frameworks and processes.
+ Bachelor's degree in Computer Sciences, Information Technology, Information Security, Cybersecurity or related field or equivalent field experience.
+ Fluent in English and Spanish, both spoken and written.
Preferred:
+ Professional certifications related to security assessment, such as CISA, CRISC, PCI ISA, ISO/IEC 27001 Lead Auditor, etc.
+ Hotel IT Management.
+ Cybersecurity experience.
+ Good understanding of PCI DSS and NIST CSF.
+ Expert level understanding of key network and technical security controls.
+ Experience participating in and coordinating activities for security incident responses.
+ Knowledge of global regulatory standards to include GDPR and CCPA.
+ Ability to demonstrate security experience via certifications (CISSP, CISA, CRISC, CISM, PCI ISA, etc.) or significant career accomplishments.
+ Demonstrated ability to apply organizational information security policies at a discipline unit level.
+ Knowledge of IT security within an infrastructure environment.
+ Proven ability to effectively prioritize and execute tasks in a high-pressure environment.
+ Experience in business systems and process planning.
+ Graduate/postgraduate degree.
**CORE WORK ACTIVITIES**
+ Lead and execute audits, security assessments, and control reviews across infrastructure, applications, data, cloud, and third-party services.
+ Evaluate the effectiveness of information security controls (technical and administrative) aligned with corporate standards.
+ Perform risk-based assessments and identify vulnerabilities, non-compliances, and improvement opportunities.
+ Review historical audit and assessment findings and real-time observations, both internal and external, to determine areas for improvement, including developing and disseminating best practices, standardized configurations, and implementation guides across the hotel portfolio.
+ Review artifacts, interview key stakeholders and identify areas for improvement.
+ Develop and manage the end-to-end audit or assessment program, including planning, scoping, scheduling, stakeholder engagement, fieldwork, and follow-up.
+ Organize and facilitate kick-off meetings, status updates, walkthroughs, and closing sessions.
+ Track and report audit timelines, milestones, and risk issues to ensure timely completion.
+ Build relationships and collaborate with key stakeholders to develop pragmatic remediation plans and track closure progress through defined follow-up cycles.
+ Prepare clear, concise, and well-structured audit reports with actionable findings and risk ratings.
+ Provide input on risk treatment strategies, control enhancements, and policy updates.
+ Develop effective communication plans to collaborate with the stakeholders by customizing individual needs.
+ Contribute to the maturity of the information security internal audit methodology, templates, and knowledge base.
**Additional Functions:**
+ Represents Security in signing off on new property openings reviewing the implemented policies and controls.
+ Provides tactical communications and issues remediation planning and implementation with the continent IT Operations team.
+ Signs off the new property openings including tracking that all necessary information on the property systems and security readiness is registered, such as application inventory.
+ Facilitates educational calls, materials and meetings to the Continent IT Operations and field associates
+ Tracks the compliance performance of the continent and work with on property IT associates along with the Area IT Managers towards issues remediations, providing necessary escalations and follow ups to the respective teams.
+ Reporting on security & compliance related metrics to different stakeholders including GIS, Continent leadership
+ Provides answers to general questions and queries around IT security and other related queries.
+ Identifies learning and knowledge gaps and facilitates educational calls, materials and meetings to the Continent IT Operations and field associates
**Additional Responsibilities**
+ Informs, updates, and provides information to supervisors, co-workers, and subordinates by telephone, in written form, e-mail, or in person in a timely manner.
+ Attends and participates in all relevant meetings.
+ Presents ideas, expectations and information in a concise, organized manner.
+ Uses problem solving methodology for decision making and follow up.
+ Maintains positive working relations with internal customers and department managers.
+ Manages time effectively and conducts activities in an organized manner.
+ Performs other reasonable duties as assigned by manager.
_At Marriott International, we are dedicated to being an equal opportunity employer, welcoming all and providing access to opportunity. We actively foster an environment where the unique backgrounds of our associates are valued and celebrated. Our greatest strength lies in the rich blend of culture, talent, and experiences of our associates. We are committed to non-discrimination on any protected basis, including disability, veteran status, or other basis protected by applicable law._
Marriott International is the world's largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. **Be** where you can do your best work, **begin** your purpose, **belong** to an amazing global team, and **become** the best version of you.
**Job Number**
**Job Category** Information Technology
**Location** Mexico Regional Office, Ejercito Nacional No. 350 Suite 4C, Mexico City, MÉX, Mexico, 11560VIEW ON MAP ( Full Time
**Located Remotely?** Y
**Position Type** Management
**JOB SUMMARY:**
The Manager, Continent Information Security Partnerships, Property Security Reviews & Audits, is a key role in continent security aspects relating to planning, executing and managing the Marriott Security Assessment program, providing the necessary support to above property and on property teams. The objective for this role is to attain maximum security compliance status and ensure that all IT Operations in the continent follow the company security standards. Enforce Marriott Security Standards and requirements for properties. The role will perform tracking and reporting on the established security policies and processes as implemented at the hotels and will have a direct reporting line to the Senior Director/Director, Continent Information Security Partnerships.
This position maintains strong relationships with and provides support to Property teams, Area IT Leaders with continent IT operations and provides assistance in liaising with additional teams within Information Security and will require to travel for up to 75% of the work capacity.
**CANDIDATE PROFILE**
**Education and Experience** **Required** :
Education and Experience
+ 5+ years Information Technology or information security work experience including:
+ 3+ years in executing technology plans and/or information security projects, programs, and/or portfolios
+ 2+ years' in implementing enterprise security risk management frameworks and processes.
+ Bachelor's degree in Computer Sciences, Information Technology, Information Security, Cybersecurity or related field or equivalent field experience.
+ Fluent in English and Spanish, both spoken and written.
Preferred:
+ Professional certifications related to security assessment, such as CISA, CRISC, PCI ISA, ISO/IEC 27001 Lead Auditor, etc.
+ Hotel IT Management.
+ Cybersecurity experience.
+ Good understanding of PCI DSS and NIST CSF.
+ Expert level understanding of key network and technical security controls.
+ Experience participating in and coordinating activities for security incident responses.
+ Knowledge of global regulatory standards to include GDPR and CCPA.
+ Ability to demonstrate security experience via certifications (CISSP, CISA, CRISC, CISM, PCI ISA, etc.) or significant career accomplishments.
+ Demonstrated ability to apply organizational information security policies at a discipline unit level.
+ Knowledge of IT security within an infrastructure environment.
+ Proven ability to effectively prioritize and execute tasks in a high-pressure environment.
+ Experience in business systems and process planning.
+ Graduate/postgraduate degree.
**CORE WORK ACTIVITIES**
+ Lead and execute audits, security assessments, and control reviews across infrastructure, applications, data, cloud, and third-party services.
+ Evaluate the effectiveness of information security controls (technical and administrative) aligned with corporate standards.
+ Perform risk-based assessments and identify vulnerabilities, non-compliances, and improvement opportunities.
+ Review historical audit and assessment findings and real-time observations, both internal and external, to determine areas for improvement, including developing and disseminating best practices, standardized configurations, and implementation guides across the hotel portfolio.
+ Review artifacts, interview key stakeholders and identify areas for improvement.
+ Develop and manage the end-to-end audit or assessment program, including planning, scoping, scheduling, stakeholder engagement, fieldwork, and follow-up.
+ Organize and facilitate kick-off meetings, status updates, walkthroughs, and closing sessions.
+ Track and report audit timelines, milestones, and risk issues to ensure timely completion.
+ Build relationships and collaborate with key stakeholders to develop pragmatic remediation plans and track closure progress through defined follow-up cycles.
+ Prepare clear, concise, and well-structured audit reports with actionable findings and risk ratings.
+ Provide input on risk treatment strategies, control enhancements, and policy updates.
+ Develop effective communication plans to collaborate with the stakeholders by customizing individual needs.
+ Contribute to the maturity of the information security internal audit methodology, templates, and knowledge base.
**Additional Functions:**
+ Represents Security in signing off on new property openings reviewing the implemented policies and controls.
+ Provides tactical communications and issues remediation planning and implementation with the continent IT Operations team.
+ Signs off the new property openings including tracking that all necessary information on the property systems and security readiness is registered, such as application inventory.
+ Facilitates educational calls, materials and meetings to the Continent IT Operations and field associates
+ Tracks the compliance performance of the continent and work with on property IT associates along with the Area IT Managers towards issues remediations, providing necessary escalations and follow ups to the respective teams.
+ Reporting on security & compliance related metrics to different stakeholders including GIS, Continent leadership
+ Provides answers to general questions and queries around IT security and other related queries.
+ Identifies learning and knowledge gaps and facilitates educational calls, materials and meetings to the Continent IT Operations and field associates
**Additional Responsibilities**
+ Informs, updates, and provides information to supervisors, co-workers, and subordinates by telephone, in written form, e-mail, or in person in a timely manner.
+ Attends and participates in all relevant meetings.
+ Presents ideas, expectations and information in a concise, organized manner.
+ Uses problem solving methodology for decision making and follow up.
+ Maintains positive working relations with internal customers and department managers.
+ Manages time effectively and conducts activities in an organized manner.
+ Performs other reasonable duties as assigned by manager.
_At Marriott International, we are dedicated to being an equal opportunity employer, welcoming all and providing access to opportunity. We actively foster an environment where the unique backgrounds of our associates are valued and celebrated. Our greatest strength lies in the rich blend of culture, talent, and experiences of our associates. We are committed to non-discrimination on any protected basis, including disability, veteran status, or other basis protected by applicable law._
Marriott International is the world's largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. **Be** where you can do your best work, **begin** your purpose, **belong** to an amazing global team, and **become** the best version of you.
Lo sentimos, este trabajo no está disponible en su región
0
Manager of Information Security
Miguel Hidalgo, Aguascalientes
Confidential
Publicado hace 3 días
Trabajo visto
Descripción Del Trabajo
Manager of Information Security
Your Mission, Should You Choose to Accept It:
- Forge a Cyber Fortress: Design and implement a cutting-edge Governance, Risk, and Compliance (GRC) framework that not only meets but exceeds the stringent demands of CNBV, Banxico, SHCP, PCI DSS 4.0, and PCI PIN. Your goal? Achieving ISO 27001 certification and setting a new industry benchmark.
- Master the Cloud Frontier: Navigate and secure our dynamic, cloud-based architecture, leveraging NIST CSF to ensure robust protection against evolving cyber threats.
- Become the Guardian of Trust: Proactively evaluate and monitor security controls, aligning with global standards to safeguard our critical information and systems.
- Lead a Cross-Functional Security Alliance: Collaborate with diverse teams to seamlessly integrate security policies and procedures, fostering a culture of security awareness and accountability.
- Be the Shield Against the Unknown: Spearhead our incident detection and response capabilities, ensuring swift and effective mitigation of security breaches.
- Innovate and Influence: Identify emerging risks and champion strategic improvements, shaping the future of fintech security in Mexico.
What We're Looking For:
- Education: University degree in Computer Science, Systems Engineering, or a related field (completed and professional certificate/license).
- Specialization: Cybersecurity, IT Audit, Software Engineering Management.
- Experience: Cybersecurity, Technology/Software Engineering, Information Security Analysis, SOC Function Management, IT Audit, or a similar role.
- Years of Experience: 4 - 5 years.
- Languages: English.
- Additional Language Proficiency: Business level.
- Technical Skills: Vulnerability Management, Risk Management, Incident Management, Security Framework Adoption. Knowledge of network security, operating systems, AWS services, database configurations.
- Certifications / Courses / Diplomas: CISA, CISSP, CRISC, or CISM.
- Product Focus: Multiproduct.
- Specific Knowledge: BI tools, AI, PCI standards, NIST CSF, ISO 27001, COBIT.
- Other Skills: Drata, Vanta, AWS, Okta, IAM.
What We Offer:
- A dynamic and collaborative work environment where you can develop your full potential.
- Opportunities to learn and grow professionally using cutting-edge technologies.
- A passionate and talented team with whom you can share knowledge and experiences.
- A competitive compensation package and attractive benefits.
- The opportunity to positively impact the lives of thousands of people and contribute to the development of the country.
Lo sentimos, este trabajo no está disponible en su región
1
Manager of Information Security
Miguel Hidalgo, Distrito Federal
confidential
Hoy
Trabajo visto
Descripción Del Trabajo
Manager of Information Security
Your Mission, Should You Choose to Accept It:
- Forge a Cyber Fortress: Design and implement a cutting-edge Governance, Risk, and Compliance (GRC) framework that not only meets but exceeds the stringent demands of CNBV, Banxico, SHCP, PCI DSS 4.0, and PCI PIN. Your goal? Achieving ISO 27001 certification and setting a new industry benchmark.
- Master the Cloud Frontier: Navigate and secure our dynamic, cloud-based architecture, leveraging NIST CSF to ensure robust protection against evolving cyber threats.
- Become the Guardian of Trust: Proactively evaluate and monitor security controls, aligning with global standards to safeguard our critical information and systems.
- Lead a Cross-Functional Security Alliance: Collaborate with diverse teams to seamlessly integrate security policies and procedures, fostering a culture of security awareness and accountability.
- Be the Shield Against the Unknown: Spearhead our incident detection and response capabilities, ensuring swift and effective mitigation of security breaches.
- Innovate and Influence: Identify emerging risks and champion strategic improvements, shaping the future of fintech security in Mexico.
What We're Looking For:
- Education: University degree in Computer Science, Systems Engineering, or a related field (completed and professional certificate/license).
- Specialization: Cybersecurity, IT Audit, Software Engineering Management.
- Experience: Cybersecurity, Technology/Software Engineering, Information Security Analysis, SOC Function Management, IT Audit, or a similar role.
- Years of Experience: 4 - 5 years.
- Languages: English.
- Additional Language Proficiency: Business level.
- Technical Skills: Vulnerability Management, Risk Management, Incident Management, Security Framework Adoption. Knowledge of network security, operating systems, AWS services, database configurations.
- Certifications / Courses / Diplomas: CISA, CISSP, CRISC, or CISM.
- Product Focus: Multiproduct.
- Specific Knowledge: BI tools, AI, PCI standards, NIST CSF, ISO 27001, COBIT.
- Other Skills: Drata, Vanta, AWS, Okta, IAM.
What We Offer:
- A dynamic and collaborative work environment where you can develop your full potential.
- Opportunities to learn and grow professionally using cutting-edge technologies.
- A passionate and talented team with whom you can share knowledge and experiences.
- A competitive compensation package and attractive benefits.
- The opportunity to positively impact the lives of thousands of people and contribute to the development of the country.
Lo sentimos, este trabajo no está disponible en su región
2
Manager of Information Security
Ciudad de México, Distrito Federal
confidential
Hoy
Trabajo visto
Descripción Del Trabajo
Manager of Information Security
Your Mission, Should You Choose to Accept It:
- Forge a Cyber Fortress: Design and implement a cutting-edge Governance, Risk, and Compliance (GRC) framework that not only meets but exceeds the stringent demands of CNBV, Banxico, SHCP, PCI DSS 4.0, and PCI PIN. Your goal? Achieving ISO 27001 certification and setting a new industry benchmark.
- Master the Cloud Frontier: Navigate and secure our dynamic, cloud-based architecture, leveraging NIST CSF to ensure robust protection against evolving cyber threats.
- Become the Guardian of Trust: Proactively evaluate and monitor security controls, aligning with global standards to safeguard our critical information and systems.
- Lead a Cross-Functional Security Alliance: Collaborate with diverse teams to seamlessly integrate security policies and procedures, fostering a culture of security awareness and accountability.
- Be the Shield Against the Unknown: Spearhead our incident detection and response capabilities, ensuring swift and effective mitigation of security breaches.
- Innovate and Influence: Identify emerging risks and champion strategic improvements, shaping the future of fintech security in Mexico.
What We're Looking For:
- Education: University degree in Computer Science, Systems Engineering, or a related field (completed and professional certificate/license).
- Specialization: Cybersecurity, IT Audit, Software Engineering Management.
- Experience: Cybersecurity, Technology/Software Engineering, Information Security Analysis, SOC Function Management, IT Audit, or a similar role.
- Years of Experience: 4 - 5 years.
- Languages: English.
- Additional Language Proficiency: Business level.
- Technical Skills: Vulnerability Management, Risk Management, Incident Management, Security Framework Adoption. Knowledge of network security, operating systems, AWS services, database configurations.
- Certifications / Courses / Diplomas: CISA, CISSP, CRISC, or CISM.
- Product Focus: Multiproduct.
- Specific Knowledge: BI tools, AI, PCI standards, NIST CSF, ISO 27001, COBIT.
- Other Skills: Drata, Vanta, AWS, Okta, IAM.
What We Offer:
- A dynamic and collaborative work environment where you can develop your full potential.
- Opportunities to learn and grow professionally using cutting-edge technologies.
- A passionate and talented team with whom you can share knowledge and experiences.
- A competitive compensation package and attractive benefits.
- The opportunity to positively impact the lives of thousands of people and contribute to the development of the country.
Lo sentimos, este trabajo no está disponible en su región
3
INFORMATION SECURITY LEAD
Hermosillo, Sonora
TE Connectivity
Publicado hace 6 días
Trabajo visto
Descripción Del Trabajo
INFORMATION SECURITY LEAD
At TE, you will unleash your potential working with people from diverse backgrounds and industries to create a safer, sustainable and more connected world.
**Job Overview**
In this role at TE Connectivity, you will lead the development and implementation of OT Cybersecurity requirements across our manufacturing facilities within North America. This critical role ensures the robustness, security, and resilience of our OT systems against ever-evolving cyber threats. You will design, execute, and oversee OT Cybersecurity strategies, policies, standards, and best practices while integrating scalable security solutions to safeguard TE's operational environments effectively
**Responsibilities and duties**
+ Define OT Cybersecurity management methodologies aligned with industrial standards and frameworks (e.g., ISA/IEC 62443, NIST, ISO 27001), ensuring scalability for implementation across the production locations of the North America business unit.
+ Provide templates, tools, and training materials supporting the deployment activities at the plants including technical and organizational support for them.
+ Offer effective support for risk assessments at the plants, including the definition of necessary improvement measures.
+ Coordinate with the management of the business units of the Segment on the definition and execution of short- and long-term roadmaps for OT cybersecurity deployment at their plants.
+ Define and maintain reporting formats for program performance and deployment progress, providing regular updates to senior management on risks, issues, and project statuses.
+ Clearly communicate roles, expectations, and accountabilities to team members, resolving conflicts and facilitating issue resolution while establishing effective escalation paths.
+ Drive compliance, track best practices, and identify opportunities for process enhancements to achieve strategic goals.
+ Establish an OT cybersecurity team and develop competence within the North America business unit to effectively respond to the continuously increasing demands in this field.
**Knowledge and Experience:**
**Job Requirements**
**Knowledge and Experience:**
+ University degree in IT, CS, or engineering
+ At least years of demonstrated Project/Program Management experience in technology
+ Strong leadership skills with a track record of managing cross-functional projects with local and global teams in a matrix environment.
+ Demonstrated ability to successfully manage multiple projects and programs and meet scope, schedule, and budget requirements.
+ Confidence in communicating to peers and senior management.
+ Clear, strategic thinker with vision and the ability to execute on priorities with a results-oriented focus.
+ Familiarity with international cybersecurity standards including ISA/IEC 62443, NIST, and ISO 27001.
+ Excellent problem-solving skills, capable of analyzing complex security systems and threats.
+ Ability to engage collaboratively with Cybersecurity, IT, Operation and business leadership, influencing outcomes through expertise and analysis.
+ Demonstrable ability in creating a holistic strategy and driving implementation.
**#LI-Hybrid**
Location: Hermosillo
**Competencies**
Location:
Hermosillo, SON, MX, 83118
City: Hermosillo
State: SON
Country/Region: MX
Travel: 50% to 75%
Requisition ID:
Alternative Locations:
Function: Information Technology
TE Connectivity and its subsidiaries, affiliates, and operating units (collectively, the "Company") is committed to providing a work environment that prohibits discrimination on the basis of age, color, disability, ethnicity, marital status, national origin, race, religion, gender, gender identity, sexual orientation, protected veteran status, disability or any other characteristics protected by applicable law or regulation.
At TE, you will unleash your potential working with people from diverse backgrounds and industries to create a safer, sustainable and more connected world.
**Job Overview**
In this role at TE Connectivity, you will lead the development and implementation of OT Cybersecurity requirements across our manufacturing facilities within North America. This critical role ensures the robustness, security, and resilience of our OT systems against ever-evolving cyber threats. You will design, execute, and oversee OT Cybersecurity strategies, policies, standards, and best practices while integrating scalable security solutions to safeguard TE's operational environments effectively
**Responsibilities and duties**
+ Define OT Cybersecurity management methodologies aligned with industrial standards and frameworks (e.g., ISA/IEC 62443, NIST, ISO 27001), ensuring scalability for implementation across the production locations of the North America business unit.
+ Provide templates, tools, and training materials supporting the deployment activities at the plants including technical and organizational support for them.
+ Offer effective support for risk assessments at the plants, including the definition of necessary improvement measures.
+ Coordinate with the management of the business units of the Segment on the definition and execution of short- and long-term roadmaps for OT cybersecurity deployment at their plants.
+ Define and maintain reporting formats for program performance and deployment progress, providing regular updates to senior management on risks, issues, and project statuses.
+ Clearly communicate roles, expectations, and accountabilities to team members, resolving conflicts and facilitating issue resolution while establishing effective escalation paths.
+ Drive compliance, track best practices, and identify opportunities for process enhancements to achieve strategic goals.
+ Establish an OT cybersecurity team and develop competence within the North America business unit to effectively respond to the continuously increasing demands in this field.
**Knowledge and Experience:**
**Job Requirements**
**Knowledge and Experience:**
+ University degree in IT, CS, or engineering
+ At least years of demonstrated Project/Program Management experience in technology
+ Strong leadership skills with a track record of managing cross-functional projects with local and global teams in a matrix environment.
+ Demonstrated ability to successfully manage multiple projects and programs and meet scope, schedule, and budget requirements.
+ Confidence in communicating to peers and senior management.
+ Clear, strategic thinker with vision and the ability to execute on priorities with a results-oriented focus.
+ Familiarity with international cybersecurity standards including ISA/IEC 62443, NIST, and ISO 27001.
+ Excellent problem-solving skills, capable of analyzing complex security systems and threats.
+ Ability to engage collaboratively with Cybersecurity, IT, Operation and business leadership, influencing outcomes through expertise and analysis.
+ Demonstrable ability in creating a holistic strategy and driving implementation.
**#LI-Hybrid**
Location: Hermosillo
**Competencies**
Location:
Hermosillo, SON, MX, 83118
City: Hermosillo
State: SON
Country/Region: MX
Travel: 50% to 75%
Requisition ID:
Alternative Locations:
Function: Information Technology
TE Connectivity and its subsidiaries, affiliates, and operating units (collectively, the "Company") is committed to providing a work environment that prohibits discrimination on the basis of age, color, disability, ethnicity, marital status, national origin, race, religion, gender, gender identity, sexual orientation, protected veteran status, disability or any other characteristics protected by applicable law or regulation.
Lo sentimos, este trabajo no está disponible en su región
4
Information Security II jr
CompuCom
Publicado hace 19 días
Trabajo visto
Descripción Del Trabajo
**Why Compucom?**
Compucom Systems, Inc. provides end-to-end IT managed services to enable the digital workplace for enterprise, midsize and small businesses. To enable our clients to focus on what matters most, we employ a customer-centric, hard-working, and talented group of people that Act Like an Owner, Do the Right Thing, and Have Fun Doing It!
The role of the Information Security II is to be a part of Infrastructure Security
Administrator Team that is involved in designing and implementing the enterprise
infrastructure and information across organizational holdings domestic and
internationally.
The position scope involves designing, implementation and configuration of key
enterprise security initiatives. Specific initiatives include maintaining and configuring the
following products as well as other security devices & operations:
Skills which are a must:
- Advance knowledge of the OSI networking model
- Advance knowledge on UDP/TCP/IP protocols
- Experience working with Firewalls 1 year + industry experience (Next Generation
are desirable)
- Experience in networking (routing is a must) 3 years + industry experience
- Basic knowledge on network security best practices
Desirable Skills are a plus:
- Basic understanding of Site-to-Site VPNs
- Basic knowledge and experience on Cisco ASA, Checkpoint or Palo Alto
Firewalls
- Basic knowledge on Zscaler Proxies
The Information Security II is expected to maintain professional working relationships.
Contacts will include key corporate stakeholders, the Information Security Team,
business unit personnel, associated working groups, and external contacts within the
information security industry. The individual is expected to meet objectives with integrity
and efficiency.
Equal Employment Opportunity
CompuCom is committed to providing equal employment opportunities in all employment practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, citizenship status, marital status, age, disability, protected veteran status, sexual orientation or any other characteristic protected by law
CompuCom is committed to providing equal employment opportunities in all employment practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, citizenship status, marital status, age, disability, protected veteran status, genetic information, sexual orientation, gender identity or expression, or any other status protected by law.
Compucom Systems, Inc. provides end-to-end IT managed services to enable the digital workplace for enterprise, midsize and small businesses. To enable our clients to focus on what matters most, we employ a customer-centric, hard-working, and talented group of people that Act Like an Owner, Do the Right Thing, and Have Fun Doing It!
The role of the Information Security II is to be a part of Infrastructure Security
Administrator Team that is involved in designing and implementing the enterprise
infrastructure and information across organizational holdings domestic and
internationally.
The position scope involves designing, implementation and configuration of key
enterprise security initiatives. Specific initiatives include maintaining and configuring the
following products as well as other security devices & operations:
Skills which are a must:
- Advance knowledge of the OSI networking model
- Advance knowledge on UDP/TCP/IP protocols
- Experience working with Firewalls 1 year + industry experience (Next Generation
are desirable)
- Experience in networking (routing is a must) 3 years + industry experience
- Basic knowledge on network security best practices
Desirable Skills are a plus:
- Basic understanding of Site-to-Site VPNs
- Basic knowledge and experience on Cisco ASA, Checkpoint or Palo Alto
Firewalls
- Basic knowledge on Zscaler Proxies
The Information Security II is expected to maintain professional working relationships.
Contacts will include key corporate stakeholders, the Information Security Team,
business unit personnel, associated working groups, and external contacts within the
information security industry. The individual is expected to meet objectives with integrity
and efficiency.
Equal Employment Opportunity
CompuCom is committed to providing equal employment opportunities in all employment practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, citizenship status, marital status, age, disability, protected veteran status, sexual orientation or any other characteristic protected by law
CompuCom is committed to providing equal employment opportunities in all employment practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, citizenship status, marital status, age, disability, protected veteran status, genetic information, sexual orientation, gender identity or expression, or any other status protected by law.
Lo sentimos, este trabajo no está disponible en su región
5
Information Security II JR
CompuCom
Publicado hace 19 días
Trabajo visto
Descripción Del Trabajo
**Why Compucom?**
Compucom Systems, Inc. provides end-to-end IT managed services to enable the digital workplace for enterprise, midsize and small businesses. To enable our clients to focus on what matters most, we employ a customer-centric, hard-working, and talented group of people that Act Like an Owner, Do the Right Thing, and Have Fun Doing It!
The role of the Information Security II is to be a part of Infrastructure Security
Administrator Team that is involved in designing and implementing the enterprise
infrastructure and information across organizational holdings domestic and
internationally.
The position scope involves designing, implementation and configuration of key
enterprise security initiatives. Specific initiatives include maintaining and configuring the
following products as well as other security devices & operations:
Skills which are a must:
- Advance knowledge of the OSI networking model
- Advance knowledge on UDP/TCP/IP protocols
- Experience working with Firewalls 1 year + industry experience (Next Generation
are desirable)
- Experience in networking (routing is a must) 3 years + industry experience
- Basic knowledge on network security best practices
Desirable Skills are a plus:
- Basic understanding of Site-to-Site VPNs
- Basic knowledge and experience on Cisco ASA, Checkpoint or Palo Alto
Firewalls
- Basic knowledge on Zscaler Proxies
The Information Security II is expected to maintain professional working relationships.
Contacts will include key corporate stakeholders, the Information Security Team,
business unit personnel, associated working groups, and external contacts within the
information security industry. The individual is expected to meet objectives with integrity
and efficiency.
Equal Employment Opportunity
CompuCom is committed to providing equal employment opportunities in all employment practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, citizenship status, marital status, age, disability, protected veteran status, sexual orientation or any other characteristic protected by law
CompuCom is committed to providing equal employment opportunities in all employment practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, citizenship status, marital status, age, disability, protected veteran status, genetic information, sexual orientation, gender identity or expression, or any other status protected by law.
Compucom Systems, Inc. provides end-to-end IT managed services to enable the digital workplace for enterprise, midsize and small businesses. To enable our clients to focus on what matters most, we employ a customer-centric, hard-working, and talented group of people that Act Like an Owner, Do the Right Thing, and Have Fun Doing It!
The role of the Information Security II is to be a part of Infrastructure Security
Administrator Team that is involved in designing and implementing the enterprise
infrastructure and information across organizational holdings domestic and
internationally.
The position scope involves designing, implementation and configuration of key
enterprise security initiatives. Specific initiatives include maintaining and configuring the
following products as well as other security devices & operations:
Skills which are a must:
- Advance knowledge of the OSI networking model
- Advance knowledge on UDP/TCP/IP protocols
- Experience working with Firewalls 1 year + industry experience (Next Generation
are desirable)
- Experience in networking (routing is a must) 3 years + industry experience
- Basic knowledge on network security best practices
Desirable Skills are a plus:
- Basic understanding of Site-to-Site VPNs
- Basic knowledge and experience on Cisco ASA, Checkpoint or Palo Alto
Firewalls
- Basic knowledge on Zscaler Proxies
The Information Security II is expected to maintain professional working relationships.
Contacts will include key corporate stakeholders, the Information Security Team,
business unit personnel, associated working groups, and external contacts within the
information security industry. The individual is expected to meet objectives with integrity
and efficiency.
Equal Employment Opportunity
CompuCom is committed to providing equal employment opportunities in all employment practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, citizenship status, marital status, age, disability, protected veteran status, sexual orientation or any other characteristic protected by law
CompuCom is committed to providing equal employment opportunities in all employment practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, citizenship status, marital status, age, disability, protected veteran status, genetic information, sexual orientation, gender identity or expression, or any other status protected by law.
Lo sentimos, este trabajo no está disponible en su región
Sé el primero en saberlo
Acerca de lo último Cism Empleos en Mexico !
6
CISO (Chief Information Security Officer)
Distrito Federal, Distrito Federal
IDS Comercial, S.A. de C.V.
Hoy
Trabajo visto
Descripción Del Trabajo
Buscamos un CISO (Chief Information Security Officer) para liderar la estrategia de seguridad de la información en IDS Comercial, S.A. de C.V. Este rol es fundamental para proteger los activos digitales de la empresa, garantizando la integridad, confidencialidad y disponibilidad de los datos.
Se busca un profesional con una mentalidad proactiva, capaz de anticiparse a las amenazas emergentes y liderar iniciativas de mejora continua en la seguridad de la información.
Requisitos:- Experiencia de al menos 5 años en el rol de CISO o equivalente en empresas de tamaño similar.
- Carreras afines: Actuaría, Matemáticas Aplicadas.
- Experiencia en gestión de riesgos de Seguridad de la Información.
- Conocimiento de estándares como ISO 27001, NIST, OWASP.
- Conocimientos técnicos en seguridad de redes, infraestructura y aplicaciones.
- Experiencia en auditorías de seguridad y cumplimiento normativo.
- Liderazgo y coordinación con áreas TI, legales y ejecutivas.
- Conocimiento en análisis costo-beneficio en mitigación de riesgos.
- Generar una visión de negocio que comprenda los riesgos de seguridad de la información que afronta la organización y cómo tratarlos.
- Identificar riesgos de seguridad de la información en los servicios otorgados a los clientes y dentro de ids.
- De los riesgos críticos de la organización deberá ser capaz de dar planes de mitigación a nivel de seguridad en caso de que así lo requieran y dar seguimiento a que se puedan mitigar.
- Coordinar con consultores externos para realizar auditorías independientes de seguridad de la infraestructura, red, aplicativos, entre otras.
- Trabajar con otros ejecutivos para priorizar las iniciativas de seguridad y el gasto en función de una gestión de riesgo adecuada.
- Supervisar la planificación de la respuesta a incidentes, así como la investigación de las infracciones de seguridad, y ayudar con los asuntos disciplinarios y legales asociados con dichas infracciones.
- Trabajar en conjunto con el Líder del SGSI para conocer las amenazas o los controles a implementar de acuerdo con el diagnóstico de la organización a nivel tecnológico.
- Investigar, conocer y aplicar los estándares en materia de Seguridad de la Información a ser implementados en la organización.
- Conocer las políticas de Seguridad de la Información del cliente y de ids.
- Gestionar los riesgos en materia de Seguridad de la Información, dando seguimiento a su tratamiento.
- Aplicar auditorías aleatorias (técnicas) de Seguridad de la Información en los proyectos.
- Proponer los procesos y protocolos de actuación para realizar la Gestión de Incidentes y de Gestión de Riesgos, asociados a la Seguridad de la Información.
- Medir en intervalos planeados la efectividad de las políticas, procesos y controles de Seguridad de la Información implementados.
- Identificar e informar desviaciones y oportunidades de mejora de Seguridad de la Información.
- Comunicar a los distintos interesados los eventos de seguridad de acuerdo con los protocolos aplicables.
- Proponer los procedimientos, políticas y protocolos de seguridad para cubrir las necesidades del negocio y cuando aplique, coordinar su elaboración por las áreas competentes.
- Coordinar la ejecución de acciones de concientización y capacitación en conjunto con las áreas correspondientes y en apego a los planes y programas definidos y aprobados.
- Mantener una correcta relación de la documentación asociada la Seguridad de la Información.
Si tienes un enfoque de liderazgo en seguridad y deseas contribuir al éxito de una empresa comprometida con la protección de la información, esta oportunidad es para ti. Únete a nuestro equipo y ayuda a construir un entorno seguro y resiliente para nuestros activos digitales.
#J-18808-Ljbffr
Lo sentimos, este trabajo no está disponible en su región
7
Security Incident Management
México, México
Ingeniosi
Publicado hace 7 días
Trabajo visto
Descripción Del Trabajo
Experiencia profesional:
- 3 a 8 años en operaciones de ciberseguridad.
- Experiencia tanto en proyectos como en operación continua .
- Debe haber trabajado con:
- Monitoreo de seguridad
- Respuesta a incidentes
- Threat hunting
- Análisis forense
- Remediación
- Evaluación de vulnerabilidades
- Automatización de procesos de ciberseguridad
2. Conocimientos y habilidades técnicas:
- GCP Security (Indispensable) .
- Definición de alertas, reglas de correlación, paneles de monitoreo ("single pane of glass").
- Conocimientos en herramientas como ServiceNow (plus).
- Scripting / automatización (Python, Bash, etc. – no lo especifican, pero es estándar).
- Experiencia creando playbooks de seguridad y documentación de procesos.
3. Certificaciones (deseables, no todas obligatorias):
- Obligatorias o clave:
- CISSP
- Google Professional Cloud Security Engineer
- Deseables:
- CCSP, CCSK
- GSEC, GCIH, GCFE, GCFA
- SC-200 (Microsoft)
- CEH
- AZ-900
Lo sentimos, este trabajo no está disponible en su región
8
Specialist II, Business Information Security Officer (BISO) (BPO Experience required)
Concentrix
Publicado hace 19 días
Trabajo visto
Descripción Del Trabajo
Job Title:
Specialist II, Business Information Security Officer (BISO) (BPO Experience required)
Job Description
The Country Business Information Security Officer (BISO) focuses on proactively identifying security and compliance issues/risks to business operation processes in various accounts, drives in executing the controls to deter, detect and mitigate security and insider risks - including establishing capability and mechanisms to monitor and audit information and data protection of both Concentrix and clients as well as compliance level of each process and relevant control item as deployed in the operational environment, The country BISO drives proactively to enhance the fraud and compliance prevention culture and risk-free environment in Concentrix as well as identifies issues that would include but not limited to physical and logical security, data privacy, KPI, CSAT, inbound/outbound calls manipulation, information leakage, etc. impacting business. Typical activities include but are not limited to Risk Management - risk identification, risk assessments, support in development of risk action plans, risk closures, supporting investigations - case documentation, written first-hand reports, involve in-person or remote interview of persons of interest and working outside normal business hours etc., Governance and metrics, Executive presentations, Collaboration with all teams/ departments. Achieves results through direct interaction as well as influencing other internal groups or persons to achieve results.
Concentrix Corporation is seeking a Country Business Information Security Officer to join the Global Security team reporting to the CNX GEO Business Information Security Officer - Insider Risk and Compliance team.
**Qualifications:**
+ 3 to 5 years of experience working in risk and compliance management, internal security controls, internal/external security assessment or audit, internal or cyber incident investigations.
+ **Experience in the BPO industry working in quality, security compliance or delivery.**
+ Bachelor's degree preferred in Security or Information Technology.
+ Deep understanding of BPO Business Operation and CRM services delivery processes.
+ Ability to identify performance and opportunity gaps.
+ Process driven and an eye for detail
+ Demonstrable experience of driving operational implementation of risk reduction initiatives, across business units, using influencing and security skills
+ Solid background of key network and technical security controls
**BISO Responsibilities:**
+ Drive the highest Integrity and Ethical standards across the staff and the accounts in scope.
+ Provide governance to operations management team and Quality Assurance team for effective and efficient surveillance and monitoring towards pro-active security and business process non-compliance issue identification.
+ Collaborate with respective supporting functions/departments (IT, HR, Facility, Legal, DPO, etc.) to address relevant security issues/risks.
+ Perform internal audit/assessment on regular basis based on different business process compliance management and risk control mechanisms in different accounts to ensure the full compliance as per relevant standard and identify potential issues/risks.
+ Work closely with the operation team to get all identified non-compliance items fixed in a timely manner to drive for closure and proactively propose and deploy extra preventive controls where appropriate.
+ Establish and execute a robust methodology for periodic reviews aiming to highlight the gaps that exist in the operational processes.
+ Analyze operational data to identify trends, root causes of business issues, and/or opportunities.
+ Provide recommendations for corrective and preventive actions and suggest improvements to the processes.
+ Review and report the results and present them to management team.
+ Ensure partnership with accounts management team for Proactive Compliance Risk Management - identification, assessment, risk action planning, and closures.
+ Coordinate and support Global Security Assessments (GSAs) - a holistic assessment (technology, HR, operations, finance, etc.) of risks being faced by delivery operations and No Notice Inspections (NNIs) conducted against the specific accounts in scope.
+ Conduct employee awareness and assist in developing training materials and where necessary assist in specific training.
**Accountability:**
+ Primary contact for security matters in country/region as appropriate
+ Accountable for local implementation of country specific global security strategies and initiatives
+ Delivery of established Global Security metrics as well as all visibility enabling initiatives, country-wide
+ Study the contracts signed with Clients, and validate continuous contractual compliance for all controls, both physical and logical.
+ Must have strong project leadership experience and ability to work with global, multi-cultural teams and drive to meet stringent deliverable timelines
+ Accountable to drive identified account (client) and internal (corporate) risks, in partnership with key stakeholders, through to remediation or risk sign-off
+ Plan, participate and execute Global Security Assessments (GSAs) in specific country per GSA Schedule / Calendar identifying both internal & external vulnerabilities
+ Lead & Execute in the action planning activity as necessary to close identified vulnerabilities the security and business process compliance in various accounts to meet business and client expectation.
#LATAMCNX
Location:
MEX Mexico City Downtown Insurgentes
Language Requirements:
Time Type:
Full time
**If you are a California resident, by submitting your information, you acknowledge that you have read and have access to the Job Applicant Privacy Notice for California Residents (
Specialist II, Business Information Security Officer (BISO) (BPO Experience required)
Job Description
The Country Business Information Security Officer (BISO) focuses on proactively identifying security and compliance issues/risks to business operation processes in various accounts, drives in executing the controls to deter, detect and mitigate security and insider risks - including establishing capability and mechanisms to monitor and audit information and data protection of both Concentrix and clients as well as compliance level of each process and relevant control item as deployed in the operational environment, The country BISO drives proactively to enhance the fraud and compliance prevention culture and risk-free environment in Concentrix as well as identifies issues that would include but not limited to physical and logical security, data privacy, KPI, CSAT, inbound/outbound calls manipulation, information leakage, etc. impacting business. Typical activities include but are not limited to Risk Management - risk identification, risk assessments, support in development of risk action plans, risk closures, supporting investigations - case documentation, written first-hand reports, involve in-person or remote interview of persons of interest and working outside normal business hours etc., Governance and metrics, Executive presentations, Collaboration with all teams/ departments. Achieves results through direct interaction as well as influencing other internal groups or persons to achieve results.
Concentrix Corporation is seeking a Country Business Information Security Officer to join the Global Security team reporting to the CNX GEO Business Information Security Officer - Insider Risk and Compliance team.
**Qualifications:**
+ 3 to 5 years of experience working in risk and compliance management, internal security controls, internal/external security assessment or audit, internal or cyber incident investigations.
+ **Experience in the BPO industry working in quality, security compliance or delivery.**
+ Bachelor's degree preferred in Security or Information Technology.
+ Deep understanding of BPO Business Operation and CRM services delivery processes.
+ Ability to identify performance and opportunity gaps.
+ Process driven and an eye for detail
+ Demonstrable experience of driving operational implementation of risk reduction initiatives, across business units, using influencing and security skills
+ Solid background of key network and technical security controls
**BISO Responsibilities:**
+ Drive the highest Integrity and Ethical standards across the staff and the accounts in scope.
+ Provide governance to operations management team and Quality Assurance team for effective and efficient surveillance and monitoring towards pro-active security and business process non-compliance issue identification.
+ Collaborate with respective supporting functions/departments (IT, HR, Facility, Legal, DPO, etc.) to address relevant security issues/risks.
+ Perform internal audit/assessment on regular basis based on different business process compliance management and risk control mechanisms in different accounts to ensure the full compliance as per relevant standard and identify potential issues/risks.
+ Work closely with the operation team to get all identified non-compliance items fixed in a timely manner to drive for closure and proactively propose and deploy extra preventive controls where appropriate.
+ Establish and execute a robust methodology for periodic reviews aiming to highlight the gaps that exist in the operational processes.
+ Analyze operational data to identify trends, root causes of business issues, and/or opportunities.
+ Provide recommendations for corrective and preventive actions and suggest improvements to the processes.
+ Review and report the results and present them to management team.
+ Ensure partnership with accounts management team for Proactive Compliance Risk Management - identification, assessment, risk action planning, and closures.
+ Coordinate and support Global Security Assessments (GSAs) - a holistic assessment (technology, HR, operations, finance, etc.) of risks being faced by delivery operations and No Notice Inspections (NNIs) conducted against the specific accounts in scope.
+ Conduct employee awareness and assist in developing training materials and where necessary assist in specific training.
**Accountability:**
+ Primary contact for security matters in country/region as appropriate
+ Accountable for local implementation of country specific global security strategies and initiatives
+ Delivery of established Global Security metrics as well as all visibility enabling initiatives, country-wide
+ Study the contracts signed with Clients, and validate continuous contractual compliance for all controls, both physical and logical.
+ Must have strong project leadership experience and ability to work with global, multi-cultural teams and drive to meet stringent deliverable timelines
+ Accountable to drive identified account (client) and internal (corporate) risks, in partnership with key stakeholders, through to remediation or risk sign-off
+ Plan, participate and execute Global Security Assessments (GSAs) in specific country per GSA Schedule / Calendar identifying both internal & external vulnerabilities
+ Lead & Execute in the action planning activity as necessary to close identified vulnerabilities the security and business process compliance in various accounts to meet business and client expectation.
#LATAMCNX
Location:
MEX Mexico City Downtown Insurgentes
Language Requirements:
Time Type:
Full time
**If you are a California resident, by submitting your information, you acknowledge that you have read and have access to the Job Applicant Privacy Notice for California Residents (
Lo sentimos, este trabajo no está disponible en su región
9