GRC Security Analyst
Bogota, Colombia
GPO LATAM – GPO LATAM - Engineering /
Full-time /
Hybrid
About PayU
PayU, a leading payment and Fintech company in 50+ high-growth markets throughout Asia, Central and Eastern Europe, Latin America, the Middle East and Africa, part of Prosus group, one of the largest technology investors in the world is redefining the way people buy and sell online for our 300.000+ merchants and millions of consumers.
As a leading online payment service provider, we deploy more than 400 payment methods and PCI-certified platforms to process approximately 6 million payments every single day.
About the rol
- The main objective of this role is to ensure information security governance, and compliance at organizational and technical level. This person will be responsible as well for managing security risks in platforms and business.
What you will do
- Accountable for designing early detection mechanisms on such controls that are related to organizational processes such as access management, security governance, HR security awareness, Internal control, risks management, supplier management.
- Follow-up periodic security management controls according to the different deadlines established by external audits such as PCI DSS, SOX, suppliers etc.
- Represent the Infosec team for managing requests with external clients to demonstrate the current security posture as well as receive the security compliance inquiries from business and organizational teams.
- Interact with External Security Management Audits and business teams like legal, privacy, marketing, finance, etc.
- Maintain the Risk management process and SOX controls applied to the team.
- Create and update new formal security governance documents such as policies, standards, and procedures for compliance against PCI DSS and business objectives.
- Access control management (IAM) for users, profiles, and roles across various platforms, based on the principle of least privilege.
What you will need to succeed
- BS Degree in Computer/Electronics/Telecoms Engineering or any other related IT field.
- 5 years of experience in the IT industry or, preferably, 4 years of experience in information security areas.
- PCI-DSS standard audits Experience, ISO 27001, SOX, or other standards could be accepted.
- Have an analytical mind and strong problem-solving skills
- B2 English level
- Cloud platforms core concepts knowledge desirable
- Excellent and fluent communication skills in Spanish and English
- Time and Self-Performance management
About us
At PayU, we are a global fintech investor and our vision is to build a world without financial borders where everyone can prosper. We give people in high-growth markets the financial services and products they need to thrive. Our expertise in 18 high-growth markets enables us to extend the reach of financial services. This drives everything we do, from investing in technology entrepreneurs, to offering credit to underserved individuals, to helping merchants buy, sell and operate online. Being part of Prosus, one of the largest technology investors in the world, gives us the presence and expertise to make a real impact. Find out more www.payu.com
Our Commitment To Building A Diverse And Inclusive Workforce
As a global and multi-cultural organization with varied ethnicities thriving across locations, we realize that our responsibility towards fulfilling the D&I commitment is huge. Therefore, we continuously strive to create a diverse, inclusive and safe environment, for all of our people, communities and customers. Our leaders are committed to create an inclusive work culture which enables transparency, flexibility and unbiased attention to each and every PayUneer so they can succeed, irrespective of gender, color or personal faith. An environment where every person feels they belong, that they are listened to, and where they are empowered to speak up. At PayU we have zero tolerance towards any form of prejudice whether a specific race, ethnicity, or of persons with disabilities or the LGBTQ communities.
