Information Security Compliance Manager

Media.Monks is looking for an InfoSec Compliance Manager who is experienced, knowledgeable and passionate about discovering the best ways to contribute with our business to manage information security risks and improve compliance and data protection. This position will report to the global CISO and will work with a global scope. In an extremely dynamic industry which challenges security experts with new technologies and services developed for clients, we expect you can leverage your expertise to find creative solutions, raising our competitiveness in the marketplace and decreasing the most challenging security risks. You will manage a team of professionals in information security and data protection with less than 2 years of creation and fast growth and improvement.

PRIMARY RESPONSIBILITIES

• Manage the InfoSec Compliance team following the CISO´s expectations and guidance towards annual objectives and priorities.
• Contribute to the personal development of the members of your team, aligned with the defined objectives, using feedback as a key communication tool and measuring their progress according to the processes established.
• Develop, implement, and maintain KPIs for measuring team progress and performance.
• Keep the CISO informed about the progress of the objectives, projects and tasks defined, as well as any blockers or drawbacks ahead.
• Partner with Legal, HR, Operations, Procurement, Growth departments (and other areas) to achieve the set objectives, establishing strong channels for communication and collaboration.
• Advise the CISO in areas related to risk discovery and mitigation, standards implementation, best practices and improvement opportunities.
• Manage the continuous improvement of internal processes that serve the business to facilitate the engagements with clients and ensure the required compliance.
• Engage with clients in security assessment processes in order to provide support for achieving the client's requirements.
• Manage the risk assessment process and improve the risk discovery, documentation, treatment and measurement cycle.
• Implement security assessments across the key platforms and environments.
• Manage internal and external audits, including certification, surveillance and re-certifications.
• Assist defining and rolling out a certification strategy for the diverse InfoSec certifications held and required by 3rd parties.
• Be the focal point for new projects or initiatives in order to incorporate security by design and ensure they are aligned with internal standards and client security requirements.
• Participate in the planning, design, and evaluation of corporate projects and platforms with high impact in data processing.
• Engage with Cybersecurity teams to coordinate activities oriented to assessing compliance of infrastructure, applications, systems and SaaS - in all environments - on-premise and cloud.
• Participate in the incident response process from a compliance standpoint and to coordinate remediation actions, identify lessons learned and promote their implementation.
• Improve and manage the 3rd party risk management global process with a risk driven approach.

KNOWLEDGE AND SKILL REQUIREMENTS

• 5+ years of experience managing a team in a similar position.
• 10+ years experience in Information Security or Data Protection.
• Bachelor’s in Computer Science or Engineering with an emphasis in Information Security (post-graduate specialization is also accepted).
• Advanced English - oral and written
• Extensive knowledge of IT Infrastructure, network design, engineering and software architecture with a cybersecurity focus.
• Deep knowledge of standards: ISO27001, ISO31000, ISO27701, SOC2, TISAX.
• Experience working with various project and portfolio management tools and methodologies, Agile/Scrum methods is a must.
• Strong hands-on experience managing audit processes from an auditee perspective.
• Experience leading InfoSec Governance, Risk and Compliance (GRC) teams.
• Experience in managing information security hybrid and multi cloud environments with high dynamism.
• Strong communication and collaboration skills working cross functionally with stakeholders.
• Being a positive lead when managing the team.
• Experience presenting to broad audiences from technical to executive level.

WE VALUE

• Experience managing multi-region teams.
• Information Security Certification (e.g. CISSP, Comptia Sec, CISM, CRISC, etc)

#LI-MH1

#LI-Hybrid

About Media.Monks:

Media.Monks is on a mission to create a new future for this industry. Our vision? Build everything with a belief that changing for good comes from changing who does the work. Yep, that means you. Welcome to the party—one global, cross-cultural collective with a passion for using our skills to create better and a better world. That’s how we’re able to connect the dots between data, content, digital media, and technology from everywhere we are—a true end-to-end model. Joining the Media.Monks collective means having the opportunity to create award-winning work with some of the most gifted, focused, joyful, talents from all over the world.

At Media.Monks, you’ll be joining a highly ambitious company on a global mission to win the decade by changing the industry for good. Partner to 8 of the 10 most innovative companies in the world, Media.Monks works with established as well as up-and-coming global, regional, DTC and B2B brands, helping them own their data and build out customer ecosystems to elicit smart, efficient, high-impact engines for growth. We deliver table stakes quickly, creating cost efficiencies from day one to push up the creative effectiveness of our work with every cycle.

We are an equal-opportunity employer committed to building a respectful and empowering work environment for all people to freely express themselves amongst colleagues who embrace diversity in all respects. Including fresh voices and unique points of view in all aspects of our business not only creates an environment where we can all grow and thrive but also increases our potential to produce work that better represents—and resonates with—the world around us.