Orion innovation is a premier, award-winning, global business and technology services firm. Orion delivers game-changing business transformation and product development rooted in digital strategy, experience design, and engineering, with a unique combination of agility, scale, and maturity. We work with a wide range of clients across many industries including financial services, professional services, telecommunications and media, consumer products, automotive, industrial automation, professional sports and entertainment, life sciences, ecommerce, and education.
responsibilities and qualifications
* 5+ years of experience in a combination of risk management, compliance, or information security roles in the technology domain in the financial, consultancy or pharmaceutical industry successfully managing internal control, audit risk or operational risk programs.
* broad experience in large and complex business environments with a successful track record working directly with senior level management with at least 3 years of experience in one or more of the following domains: access control, telecom and network security, risk management, software development security, cryptography, security architecture and design, banking regulations, technology or security audit, technology, or security compliance.
* demonstrated ability to apply technology related knowledge and experience in solving compliance issues. Familiar with a broad range of technical concepts such as logical access control, agile development process, secure coding principles, security architecture, information security, network security, and data privacy.
* experience performing information security audits or risk assessments.
* clear understanding of risk management practices in general and security risk management best practices and methodologies specifically.
* ability to communicate in a clear and concise manner with all levels of an organization and convey complicated technology and security concepts to technical and non-technical stakeholders.
* has the ability to operate with a limited level of direct supervision. Can exercise independence of judgement and autonomy.
* excellent project management and organizational skills with the ability to meet deadlines and quickly establish clear priorities. Excellent interpersonal, communication, and presentation skills, including formal report writing experience.
* fluent in spanish and english.
highly desirable
* experience in the financial industry is preferred, particularly in payments systems such as spei, spid, tef, swift, and products such as direct debit and checks. Knowledge of spei, spid and indeval operational risk and information security requirements, and cash equities best execution algorithm.
* knowledge of article 86 of the general dispositions applicable to credit institutions, and article 142 of the general dispositions applicable to brokerage houses.
* knowledge of information security risk management frameworks and compliance practices, including iso 31000, iso 2700x, nist 800 series, soc, and owasp.
* well-versed in risk analysis methodologies such as nist, octave, and fair.
* relevant risk, control, or information security certifications.
certifications
* isaca - certification in risk and information systems control (crisc).
* iia - certification in risk management assurance (crma).
* coso – internal control certificate.
* isaca - certified information systems auditor (cisa).
* (isc)2 - certified information systems security professional - architecture (cissp).
* (isc)2 - certified information systems security professional (cissp).
* (isc)2 - information systems security management professional (issmp).
* ec-council - security 5 certification.
* isaca - certified information security manager (cism).
* iia - certified internal auditor (cia).
other qualifications
* expertise in financial policies and procedures, u.s. Gaap/ifrs and sox requirements.
* significant external/internal audit experience in a big four accounting firm and/or in a large global corporation.
ofrecemos:
orion is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, citizenship status, disability status, genetic information, protected veteran status, or any other characteristic protected by law.
#j-18808-ljbffr