IT Security, Risk & Compliance Specialist

• The primary responsibilities of the IT Security Risk & Compliance Specialist are to provide support,
• tracking of security incidents related to the information technologies in LATAM. Also, review and keep tracking the implementation plans related to the Vulnerability and Patched management controls in LATAM applications, Databases and Operating systems.
• Heavily involved in security and IT control evaluation regarding to LATAM IT self-assessment and compliance with IT framework control and its compliance in Adecco Governance Risk & Compliance (GRC) tool. Supports the IT Security Manager during the external/ Internal IT audits.
• This position supports the IT application owners in the assessment of segregation of duties of LATAM IT applications.

Reporting Relationships:

•  Reports directly to the LATAM Manager of Security Risk & Compliance

Location of Position:

This position is with LATAM IT Hub in the LATAM Security Risk & Compliance department.

Major Responsibilities

• Provides support, detection and monitoring of IT incidents in LATAM Countries
• Assessment of Security & IT controls regarding to Adecco LATAM IT applications, workstations, IT Infrastructure and Networks
• Support in IT attestations Audits. - ISAE3402 / SSAE 18 / SOC 1 / SOC 2
• Support in the assessment of new technologies/applications/tools and its compliance with Adecco IT/ Security Policies.
• Oversee and support in the external audits and Security Questionnaires related to the Security Controls implemented in LATAM Countries. 
• Report to LATAM IT Security related to progress of the KPIs for IT Controls compliance for the assigned LATAM Countries in the Adecco Group GRC.
• Keep tracking of the implementation activities in the process of vulnerabilities & patch management.
• Support in the review of Segregation of Duties in applications, data bases and Operating System for Adecco LATAM Countries.

Required Experience/Qualifications

• B. S. in Engineering or Computer Science or equivalent
• 3+ years of IT experience in IT Audit / IT Attestation / IT Security in a large enterprise/ one of Big Fours
• Knowledge in external / internal audits , attestation reporting: ISAE3402 or SAE18 IT audits
• Knowledge in any IT control Framework as Cobit / ITIL
• Experience in Ethical Hacking. -Tracking of plan of action vulnerabilities
• Experience desired in Service Now or any tool for Governance Risk & Compliance.
• Knowledge of IT applications frameworks for developing software to identify risks , vulnerabilities and review in Segregation of Duties
• Self-guided and disciplined and able to work remotely when required.
• Experience in Contract review related to IT Security Clauses to detect risk.
• Knowledge in Vulnerability & Patched management
• Excellent organizations, leadership, and interpersonal skills
• Ability to effectively communicate with teams across the entire organization
• Ability to manage, multitask and prioritize multiple tasks and their timelines.