Buenos Aires, Buenos Aires
Indefinido
Senior Information Security Analyst – Buenos Aires
Be a part of a revolutionary change
At PMI, we’ve chosen to do something incredible. We’re totally transforming our business, and building our future on smoke-free products with the power to improve the lives of a billion smokers worldwide.
With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and the space to move your career forward in endlessly different directions.
PMI’s journey to a smoke-free future is fuelled by technology.
The total transformation we’re going through means that there are unique IT projects here to match all levels of skills and ambitions – from pace-setting global pilot projects to vital local updates. Whether you want to pursue a personal passion or build an international career, there’s space here to develop in any number of directions.
To join us in IT you’ll need to be driven and equally happy whether you’re taking the strategic view or diving deep into processes. We'll make sure you're set up to succeed whatever your project is, our culture is agile and collaborative, and we genuinely believe our people are some of the best you’ll ever work with.
Your “day to day” will look like this:
- Providing expert guidance to IT and relevant business teams on the identification, analysis, evaluation and treatment of information security risks.
- Identify and drive information risk reduction activities via engagement with company stakeholders and insights from internal and external cyber intelligence sources.
- Address cyber security requirements within supplier agreements for mitigating the risks associated with supplier’s access to company assets and data
- Advisory over activities to be done throughout the project for secure system implementation and audit preparedness of the solution.
- Drive the adoption of a leading Information Security Risk Management framework in PMI and contribute to the continuous improvement of the risk management practice.
- Support reviews of systems and services for compliance with Company requirements in the areas of information security and data privacy
- Coordinate and conduct information security due diligence of suppliers
- Prepare and deliver presentations communicating risks mitigated, and the potential impacts of unmitigated risks to management
- Conducting information security risk management trainings and awareness campaigns.
- Partnering with other Information Security teams to continuously improve the overall information security risk exposure and achieve higher levels of information security maturity
Who we’re looking for::
- University degree or currently studying computer science, information technology or a relevant field
- Minimum 3 years of experience in implementing or maintaining a risk management framework in a modern IT environment (e.g., with cloud computing, big data, DevOps, identity & access management, personal data protection (GDPR) and data leakage prevention).
- Deep knowledge of Information Security frameworks and methodologies (e.g., NIST RMF, ISO 27001).
- Deep knowledge of industry and regulatory requirements (e.g., SOX, GDPR, KVKK, PCI-DSS).
- Professional certifications related to Information Security, IT audit or IT risk management (e.g., CISA, CRISC, CISSP), would be an asset.
- Strong knowledge of ITIL processes, project management incl. Agile methodologies
- Strong interpersonal, verbal and written communication skills. Fluency in written and spoken English, Portuguese is a plus.
- Presenting clearly and adapting to different audiences (technical and business), synthesize feedback from the field in a way that makes sense to senior leaders.
- Availability to travel up to 20% with flexibility, ability to work cross-functionally and comfort about recurring access to Company higher management