Information Security and Compliance Sr Specialist (BOG)

Bogota, Bogota, Colombia
Full Time
Information Technology
Experienced

Position Summary:

The Information Security and Compliance Senior Specialist is responsible for ensuring that Hire Horatio’s information technology systems and processes comply with relevant laws, regulations, and standards.
 

Responsibilities:

  • Monitor and interpret regulatory requirements, industry standards, and best practices related to information security, privacy, and compliance.
  • Develop and implement policies and procedures for IT governance and risk management, including identifying, assessing, and mitigating risks.
  • Develop, implement, and maintain compliance frameworks, policies, and procedures to align with applicable laws (e.g., GDPR, HIPAA, PCI DSS) and industry standards (e.g., ISO 27001, NIST).
  • Conduct regular audits and assessments to ensure compliance with applicable laws, regulations, and standards, such as SOC 2 Type 2, HIPAA, the Payment Card Industry Data Security Standard (PCI DSS), the General Data Protection Regulation (GDPR), and the Sarbanes-Oxley Act (SOX).
  • Ensure clear documentation and communication of IT policies and procedures to relevant stakeholders.
  • Work closely with other IT and business teams to integrate risk management and compliance considerations into the organization's operations and processes.
  • Provide guidance, training, and support to other members of the organization on IT governance and risk compliance best practices and protocols.
  • Keep up to date with the latest developments in IT governance and risk compliance, and evaluate and recommend solutions and tools to enhance the organization's compliance posture.
  • Report on the organization's compliance status and risk profile to relevant stakeholders, such as the Head of IT, regulatory bodies, and external auditors.
 

Required Skills/Abilities:

  • Advanced English proficiency.
  • Excellent leadership, communication, and cross-functional collaboration skills.
  • Proven expertise in cloud security, particularly within AWS environments.
  • Strong hands-on experience with Zscaler, CrowdStrike, and OneTrust.
  • Demonstrated ability to develop and implement security policies, procedures, and frameworks.
  • Experience in conducting security assessments, vulnerability management, and incident response.
  • In-depth knowledge of regulatory frameworks such as SOC 2, HIPAA, GDPR, and PCI DSS.
  • Ability to stay current with emerging cybersecurity trends and threats.
  • Strong analytical skills with the ability to assess risks, analyze complex problems, and develop practical solutions.
  • Excellent communication skills with the ability to articulate technical concepts to non-technical stakeholders and influence decision-making at all levels of the organization.
  • Strong project management skills with the ability to prioritize tasks, manage multiple projects simultaneously, and meet deadlines in a fast-paced environment.
  • Understanding of risk management principles and techniques, including risk assessment, risk analysis, and risk mitigation.
  • Familiarity with cybersecurity and network security concepts, including threat intelligence, incident response, and vulnerability management.
  • Ability to develop and implement policies and procedures related to IT governance and risk management.
  • Ability to analyze and interpret data and use it to inform decision-making.

 

Education and Experience:

  • Bachelor's degree in Information Technology, Computer Science, or a related field.
  • Advanced degree or professional certifications (e.g., CISA, CISSP, CRISC, CGEIT) preferred.
  • Proven experience (typically 3+ years) in IT governance, risk management, and compliance roles, preferably within regulated industries such as finance, healthcare, or technology.
  • In-depth knowledge of IT governance frameworks, standards, and regulatory requirements (e.g. GDPR, HIPAA, SOX).

On-site position in Bogota.


 