Grc (Governance, Risk & Compliance) Jr. Manager

Must:
Hard Skills:

• Experience and understanding on IT security, audits and compliance

• Good understanding of ITIL processes and methodologies

• Focus on quality and risk management

• Experience in customer, teams and vendors management (face-to-face and remote)

• J-SOX audits

Soft Skills:

• Ability to work under pressure to respond and resolve incidents within the SLAs

• Customer oriented

• Ability to effectively manage multiple areas/services simultaneously

• Good analytical and troubleshooting skills

Profile:

• University degree in Information Systems, Computer Science, or equivalent

• 5+ years working experience

• Advanced English (written and verbal)

• ITIL certification (v3 / v4)

Nice to have:
Hard Skills:

• Project Management knowledge, business acumen and contract terminology

• Knowledge of ticketing tools (Jira, Service Now) for licenses processes

• Salesforce knowledge
• AIM (access identity management)

Soft Skills:

• Ability to effectively lead a team

• Ability to work collaboratively and strong communication skills in Spanish and English

• Service management rigor, planning and personal organization

Profile:

• Certification ISC2, CISSP or similar

• Financial and/or Insurance industry knowledge and experience

• PMI or CAPM certification

• Background or experience in internal control, audit or process management areas.

Responsibilities:

• Manage internal and external IT audit (including JSOX) processes

• Respond and coordinate integrated responses to both internal and external audits

• Manage information security processes

• Follow up to remediate applications and infrastructure vulnerabilities resulting from PenTests and other practices

• Single sign on enabling across applications

• Code reviews

• Coordination with internal areas and vendors to establish and execute remediation plans

• Manage IT compliance

• New user accounts, user accounts modifications, user accounts revocation process

• Application user access certification process

• Maintenance of IT policies and

• Keep documentation about policies, audits, security, strategies, plans updated • Mentor and coach IT areas about policies, audits, security

• BCP process documentation and follow up

• Payment Card Industry Data Security Standard (PCI DSS)

• ESG Criteria

• Liaison with Compliance, Audit and Security business areas for various topics such as audits, requirements, remediation plans

• Nissan (NMEX,NEdM, NRFS, NRFM y ANZEN) realiza contrataciones con base al cumplimiento del perfil de puesto en la vacante, sin distinción (ni discriminación por género, identidad y/o expresión de género, orientación sexual, ) raza, color, idioma, religión, opinión política o de cualquier otra índole, origen nacional o social, posición económica, nacimiento o cualquier otra condición.
• Nissan (NMEX,NEdM, NRFS, NRFM and ANZEN) hires based on the fulfillment of the job profile in the vacancy, without distinction or discrimination based on gender, gender identity and/or expression, sexual orientation, race, color, language, religion, political or any other opinion, national or social origin, economic position, birth or any other condition.

Jesus Maria Aguascalientes Mexico