Overview:
SoftwareOne is a leading global software and cloud solutions provider that is redefining how organizations build, buy and manage everything in the cloud. By helping clients to migrate and modernize their workloads and applications - and in parallel, to navigate and optimize the resulting software and cloud changes - SoftwareOne unlocks the value of technology. The company's 8,900 employees are driven to deliver a portfolio of 7,500 software brands with sales and delivery capabilities in 90 countries. Headquartered in Switzerland, SoftwareOne is listed on the SIX Swiss Exchange under the ticker symbol SWON. Visit us at www.SoftwareOne.com
Responsibilities:
We are thrilled to announce the opportunity to join our team as a:
Cybersecurity Risk Management SpecialistScope: Full-time | Location: Colombia | Modality: Remote
What your day-to-day would look like in this role:Cybersecurity Risk and Compliance Management
* Identification, analysis, and treatment of risks based on frameworks such as ISO 27005 and NIST.
* Application of threat modeling methodologies like MITRE ATT&CK and STRIDE.
* Monitoring vulnerabilities using standards such as CVE, CVSS, and NVD.
* Ensuring regulatory compliance with standards such as ISO 27001, NIST 800-53, and PCI DSS.
* Use of GRC platforms (Archer, ServiceNow, MetricStream) for centralized governance.
Security Indicator Monitoring
* Definition and tracking of cybersecurity KPIs and KRIs.
* Preparation of executive reports and dashboards for decision-making.
* Generation of metrics to assess the overall security posture.
Information Security Assessment and Controls
* Conducting audits and control reviews based on frameworks such as COBIT, NIST CSF, CIS Controls, and ISO 27002.
* Assessment of third-party and vendor-related risks.
* Continuous review of internal controls to strengthen the organization's security posture.
Qualifications:
Profile:
Systems Engineering, Electronic Engineering, Telecommunications Engineering, Information Security, or related fields. Experience and knowledge in cybersecurity, IT governance, and risk assessment.
Required Skills:
* Cybersecurity risk management (ISO 27005, NIST).
* Threat modeling (MITRE ATT&CK, STRIDE).
* Vulnerability assessment (CVE, CVSS, NVD).
* Knowledge of compliance frameworks (ISO 27001, NIST 800-53, PCI DSS).
* Experience using GRC tools (Archer, ServiceNow, MetricStream).
* Monitoring of cybersecurity KPIs and KRIs.
* Security controls auditing and assessment (COBIT, CIS Controls, NIST CSF).
Desirable:
* Certifications in ISO 27001, NIST, or other information security frameworks.
Benefits:
* A unique culture with lived corporate values for an appreciative and supportive work environment.
* Opportunity to develop your potential in a personalized way and according to your objectives within the role.
* Economic incentive program for employee referrals for active positions.
* Spaces for leisure, celebrations and recreation for your physical and mental health.
Share this job:
Share this Job
