Job Title:
Specialist II, Governance, Risk and Compliance
Job Description
Role Focus:
This role will be focused on security operations delivery for assigned customer contact centers. Responsibilities include:
- Participating in establishing programs to deter, detect, and mitigate risks.
- Building capabilities to monitor and audit information, evaluate personnel security data, and establish employee awareness.
- Driving assurance tests and supporting both internal and external audits.
- Consulting with business stakeholders to balance compliance with delivering optimal security solutions within contractual, regulatory, and CNX standard limits.
- Engaging in technical discussions and disseminating innovative, out-of-the-box solutions to align security with business needs.
- Leading assurance tests such as security health checks, training, physical security, ID validation, etc., ensuring CNX standards and contractual requirements are met and measured.
- Achieving results through direct interaction as well as influencing other internal groups and individuals.
- Supporting incident response and investigations as required.
Responsibilities:
- Design, implement, and lead a comprehensive risk management strategy for the account.
- Support the program in embedding a risk-aware culture across teams.
- Establish and quantify the program's risk appetite and ensure adherence to the defined risk approach.
- Conduct horizon scanning to identify and assess emerging risks affecting the business.
- Ensure compliance with contractual, legal, and regulatory obligations while balancing commercial and practical considerations.
- Drive continuous improvement in efficiency and client service (internal and external) within all Risk and Compliance processes.
- Lead, develop, and motivate the Risk and Compliance team to maximize effectiveness.
- Keep senior management informed of contractual, legal, and regulatory changes, outlining obligations and business impact.
- Provide regular reports to senior leadership and relevant functions on current issues and risk-related updates.
- Oversee corporate governance activities, including risk reporting to stakeholders.
- Deliver support, education, and training to staff to strengthen organizational risk awareness.
- Identify opportunities for product and service enhancements, collaborating with key functions to deliver improvements.
- Review time-bound Security Calendar activities and ensure timely closure of related tasks.
- Execute IT Security Operations processes, monitor performance, and implement corrective actions as needed.
- Coordinate and support CNX/Client/Internal/Standards testing (PCI, ISO 27001, SSAE16, etc.).
- Gather customer requirements and contractual obligations, ensuring compliance at the location.
- Facilitate customer audits, assessments, and inspections, including pre-audit preparation, execution, and remediation planning.
- Interpret global security requirements, regulatory frameworks, and cross-country laws to maintain compliance while balancing business needs.
- Build and maintain documentation for all procedures to improve service levels, efficiency, and quality standards.
- Lead a team of Analysts/Senior Analysts or similar roles as required.
Accountability:
Responsible for location/account-level activities, including:
- Implementing and maintaining security practices to protect facilities, information, equipment, and personnel in line with customer requirements.
- Conducting technical and information security activities such as security education, document classification, and records management.
- Ensuring compliance with customer security requirements and enhancing adherence.
- Leading internal assessments for the contact center, covering all customer requirements at defined intervals.
- Providing incident management support to the general security team.
- Supporting customer assessments and ensuring prompt closure of corrective action plans.
Required Skills:
Must-have Technical Skills (Mandatory):
IT and Information Security Risk and Compliance
Good-to-have Technical Skills (Preferred):
- Industry certifications such as CISA, CISM, CISSP, ISO 27001:2022
Soft Skills (Team Fit):
- Strong communication skills
- Effective stakeholder management
Qualifications
- Industry-accredited certifications preferred: CISSP, CISA, CISM, CIPP, CEH, ISO Lead Auditor).
- Proven experience in managing security, risk, and compliance functions.
- Demonstrated ability to lead and manage teams effectively.
- Experience in managing remote teams is an added advantage.
Location:
PRT Lisbon - Av. Mediterraneo, N°1
Language Requirements:
Time Type:
Full time
If you are a California resident, by submitting your information, you acknowledge that you have read and have access to the Job Applicant Privacy Notice for California Residents