SMASH, Who we are?
We are agents for tech professionals in Costa Rica, Colombia and United States that help them build careers in the United States.
We believe in long-lasting relationships with our talent.We invest time getting to know them and understanding what they seek as their professional next step.
We aim to find the perfect match.As agents, we pair our talent with our US clients, not only by their technical skills but as a cultural fit.Our core competency is to find the right talent fast.
We purposefully move away from the “contractor” or “outsourcing” type of relationship.Our clients don’t want contractors or “just a service.” Neither does our talent.
Our Benefits
- Work from everywhere
- Private Medical Insurance
- English Academy for Employees and Relative
- Business Skills Coach – Certifications
- Discounts with Tech Universities
- Events and Additional Perks
This is a remote position
Security and Compliance Lead
The Role
We are on the lookout for a Security and Compliance Lead to take charge of our company’s security and compliance initiatives. Reporting directly to the Chief Information Officer, your primary responsibilities will include:
Leading and owning all security and compliance processes across the organization, including cybersecurity and privacy aspects.
Spearheading the ISO27001 certification process.
Collaborating closely with the legal team to address security, privacy, and compliance inquiries in customer and vendor contracts.
Developing, implementing, and maintaining security policies and procedures in accordance with industry best practices and regulatory requirements.
Establish a security roadmap
Develop and implement security awareness and privacy training.
Security and Compliance Lead
Serving as the key point of contact for all security and compliance-related issues, ensuring a swift resolution and adherence to necessary standards.
Conducting regular security risk assessments and audits to identify vulnerabilities and implement corrective actions.
Reporting on the status of security and compliance initiatives, and suggesting improvements to enhance the company’s security posture.
Lead responses to security incidents.
Critical Behaviors
Leadership – Proven experience in leading security and compliance initiatives, with the ability to work both strategically and hands-on.
Communication – Ability to communicate complex security and compliance issues in a simple, understandable manner.
Analytical Thinking – Strong analytical skills to assess risks effectively and propose mitigation strategies.
Collaborative – Work seamlessly with various internal teams and external partners to foster a secure and compliant operational environment.
Proactive – A self-starter who can identify potential issues before they become problems and continuously seeks opportunities to improve the existing processes.
Requirements
Bachelor’s degree in Information Technology, Cybersecurity, or a related field; higher degrees or certifications (such as CISSP, CISM) would be a plus.
Experience with various security tools, such as Firewalls, Intrusion detection/prevention systems and antivirus software, a plus.
Extensive experience in information security, cloud security, risk management, and compliance.
Familiarity with ISO27001 certification processes.
Proven track record of working with legal teams to navigate security and compliance issues in contracts.
Solid understanding of global privacy laws and regulations. Excellent organizational skills and the ability to learn quickly. Strong oral and written communication skills.
Ability to work at all levels of the organzation.
High-level of attention to detail and be a self-starter with the ability to work independently, multi-task and adjust to shifting priorities.
The position is fully remote and reports to the Chief Information Officer. Benefits vary by region employed (eg. health insurance, paid vacation, pension contributions, healthy lifestyle reimbursement, and more).