Descrição de Vaga
| Código: | 15869 |
| Título da vaga: | Cyber Security Analyst_L3 - Cyber Analyst - GRC Third Party Risk Specialist - CGEMJP00344316 |
| Local: | São Paulo, SP (Remoto) |
| Região | Outra |
| Nível Profissional: | Especialista |
| Nível Acadêmico: | Ensino Superior Completo |
| Áreas de Atuação Profissional: | TI - Projetos |
| Descrição: | Cargo: Cyber Security Analyst_L3 - Cyber Analyst - GRC Third Party Risk Specialist CGEMJP00344316 Idiomas: Inglês avançado Período de alocação: 23/06/2026 até 07/04/2027 Modelo de trabalho: Remoto |
| Habilidades: | Descrição da Vaga: Cyber Security Analyst Responsible for simultaneous multiple incident investigations and monitoring. Also providing incident reports to senior analysts within the business to keep on top of threats and vulnerabilities. Job Description for Third Party Risk Specialist to support Nissan Mexico Requirements • 1-5 Years of Information Security Experience This role, part of the GRC (Governance, Risk, and Compliance) team in the Information Security Department, involves collaboration with Legal, Purchasing, and other departments at Nissan-Americas. Responsibilities include: • Third-Party Risk Assessment: Conduct risk assessments of third-party vendors to ensure they meet security requirements and standards. • NIST Attestation Review: Review and ensure compliance with NIST (National Institute of Standards and Technology) standards and attestations. • Contract Review: Review legal contracts between Nissan and vendors to ensure security requirements are met. • Risk Communication: Communicate risk assessment findings to team owners, custodians of information risk, business partners, and information governance and security teams. • Risk Management Advice: Provide advice to information governance or security teams to enable informed risk management decisions. • Control Implementation: Identify and facilitate the implementation of appropriate controls to effectively manage information risks. • Risk Posture Improvement: Identify opportunities to improve risk posture, develop solutions for remediating or mitigating risks, and assess residual risk. • Relationship Management: Maintain strong working relationships with individuals and groups involved in managing information risks across the organization. Key Qualifications • Proven trustworthiness and history of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating well. • Ability to identify and assess the severity and potential impact of risks, and communicate findings to risk owners outside the cybersecurity program to drive objective, fact-based decisions that optimize the trade-off between risk mitigation and business performance. • Understanding of organizational mission, values, goals, and consistent application of this knowledge. • Ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one’s network within an organization. • Ability to apply original and innovative thinking to produce new ideas. • Understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business. • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part. • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one. • Strong problem-solving and troubleshooting skills. |