Job : IT Security Jr. Compliance Analyst
Department : IT Regional
Reports to : IT Security Regional Director
Location : CDMX, MEXICO
Linio is the biggest ecommerce platform in Latin America. With presence in 8 countries, our sellers have access to a huge market of over 300 million people.
In order to make this great platform run smoothly for customers and sellers worldwide, a very talented technology team is required.
Our scale, by itself, increases the difficulty of many challenges that companies face everyday.
This role is for an entry-level Information Technology professional. The I T Security Jr. Compliance Analyst will conduct audits to evaluate both the design and operating effectiveness of security-
related controls and evaluates management's implementation of such controls; test controls designed to mitigate risks, communicate issues and findings to IT Management, and follow-
up on corrective actions.
Contribute to the definition and execution of the PCI-DSS internal audit plan, based on an understanding of our business and risk exposures and incorporating an integrated approach with operational audit.
Work closely with IT Security, Infrastructure and Dev Teams to define and execute IT security and application security audits.
Interviewing personnel, testing and evaluating current IT controls as part of audit execution.
Participate in audit engagements covering the IT systems including risk assessments, audit planning, audit testing, control evaluation, report drafting and follow-
up and verification of issue closure.
Identify risks, evaluate, test and report on the adequacy and effectiveness of management controls;
Perform walkthroughs and testing of ITGC;
Design, document, test and assist in remediation of IT process controls in a wide range of environments, including policies and procedures that address key areas of an IT organization, including system development, change management, information security, operations, and segregation of duties.
Experience and technical requirements :
IT Audit experience and / or related IT role (in areas relevant to information security) with focus in app and database security
Understanding of IT operational processes and best practices
Understanding of IT risks, IT General Controls, Application controls,
Knowledge of PCI-DSS
Knowledge of ISO 27001, SOX desirable
Knowledge of GRC tools desirable
1-2 years of proven experience
Bachelor Degree in Computer Science / or Information Technology / or Software Engineering or related branch