Browse
···
Log in / Register
Job Summary: A cybersecurity professional to protect operations, minimize disruptions, and align cyber risks with Globo's business objectives—including third-party risk management. Key Highlights: 1. Playing a pivotal role in Globo's digital transformation 2. Responsible for securing major events and video products 3. An inclusive environment that fosters creativity and innovation Our Technology area is a fundamental pillar of our business, driving our digital transformation. Here, we build technology solutions by constantly envisioning and developing automation techniques and processes—whether to enhance our teams' work experience or increase the delivery capacity of our products and services. We manage a massive infrastructure supporting Globo’s flagship video products, such as Globoplay, Premiere, and Globo Channels. Additionally, we handle live broadcasts of major events—from state football championships and the FIFA World Cup to the Olympic Games, Rock in Rio, and even the 24x7 live Big Brother Brasil feeds available to all Globoplay subscribers. We foster environments where everyone is included, welcomed, and valued. We strive to make Globo increasingly diverse—in representation and thought—learning from one another and stimulating creativity and innovation. **Responsibilities and Duties** **Your day-to-day will include:** * Understanding how various cyber risks may impact Globo’s operations, prioritizing efforts to protect the most vital business aspects and minimize potential disruptions, data breaches, non-compliance, financial penalties, or damage to brand and/or reputation; * Assessing the potential impact of cyber security risks on critical business processes and functions; * Evaluating the cost-benefit ratio of cyber security measures relative to potential losses—weighing implementation expenses for security controls against the financial and operational impact of a security incident—to optimize resource allocation and maximize risk reduction efficiency; * Aligning cyber risk management with business objectives by understanding strategic goals and ensuring cyber security measures are seamlessly integrated; * Coordinating the identification and classification of third-party cyber security risks and their impacts; * Coordinating the collection of third-party cyber security risk assessment data and performing cyber security risk assessments for critical third parties, as needed; * Implementing and evolving the third-party cyber security risk monitoring and management system, as defined in third-party contracts and in accordance with Globo’s Information Security Policy for Suppliers; * Developing remediation plans in collaboration with other company leaders to balance security requirements with business agility, innovation, and growth—ensuring recommended security tools or other compensating controls reduce identified risks to an acceptable level; * Providing training/guidance to stakeholders across Globo to promote a strong risk awareness culture. **Requirements and Qualifications** **What you need:** * Bachelor’s degree in: Information Systems, Computer Science, Business Administration, or related fields; * Minimum 5 years of experience in IT auditing, enterprise risk management (ERM), or cyber risk management; * Minimum 5 years of experience identifying and assessing organizational business risks, risk management frameworks, and information security management frameworks—with focus on prioritizing efforts to protect vital assets and minimize disruptions; * Solid knowledge of cyber security standards, including but not limited to ISO 27005, OpenFAIR, NIST RMF, IRAM, TOGAF, NIST CSF, and ISO/IEC 27001; * Proven track record conducting Cost-Benefit Analyses of Security Measures—including evaluating the cost-benefit ratio of cyber security measures relative to potential business losses. * Experience with cyber security principles and practices, including risk management, security controls, and business continuity—such as ISO 22301, Disaster Recovery Institute (DRI) Professional Practices, and Business Impact Analysis (BIA); * Demonstrated experience integrating cyber security risk management into overall business strategy, ensuring alignment with organizational objectives; * Experience with compliance, security audits, and risk mitigation plans; * Extensive knowledge of third-party cyber security risk management and governance concepts; * Experience assessing third-party risks, conducting and responding to due diligence procedures, and developing questionnaires for cyber security risk assessments of corporate third parties; * Effective communication skills, with ability to articulate complex technical concepts to non-technical audiences; * Ability to effectively influence others—modifying opinions, plans, or behaviors in a structured and efficient manner based on analyzed data and facts; * Proficiency in presentation techniques, enabling narrative and storytelling through presentations; * Experience influencing third parties and managing third-party relationships; * Knowledge of analytical methods and proficiency in data analysis; * Familiarity with technologies and tools (e.g., financial rating services, security rating services, integrated risk management platforms, third-party risk management platforms, etc.) that support assessment of financial and operational risk associated with current and prospective suppliers. **Preferred Qualifications:** * Certifications in risk management and information security, such as: Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified in Risk Management Assurance (CRMA), or Open FAIR Part-1. * Intermediate or advanced English proficiency. **Additional Information** **Why join Globo:** Come and let’s create stories and technologies together. At Globo, the intersection of storytelling and technology drives a diverse, innovation-passionate team. We have the opportunity to bring Brazilians closer together by creating new ways to connect with them. Here, everyone makes transformation happen. Our recruitment processes are conducted entirely remotely. \#vempraglobo Want to learn more about working at Globo? Follow our daily life, challenges, and achievements on our social media: https://www.linkedin.com/company/globo https://www.instagram.com/vempraglobo https://www.youtube.com/c/VemPraGlobo/ Your personal data will be used solely for candidate selection purposes for open positions at Globo. Personal data collected during the recruitment process for candidates not hired at this time may be retained in our databases for consideration in future recruitment processes. All collected data will be processed according to strict information security standards and in full compliance with applicable privacy laws—including Law No. 13.709/18—and in accordance with our Privacy Policy, available at: https://vempraglobo.g.globo/files/politica\_de\_privacidade.pdf By proceeding, you acknowledge and agree to your application being processed under these terms. Globo is built by people who want to do things differently, collaboratively, and shape the future—people spread across Brazil (and the world!) working in content, news, business, technology—all with Brazilian identity and abundant talent. Free-to-air and pay-TV channels, digital products like Globoplay, Cartola, G1, Ge, Gshow, and other services are all brought together in one place. **At Globo, the intersection of storytelling and technology drives a diverse, innovation-passionate team.** **We have the opportunity to bring Brazilians closer together by creating new ways to connect with them.** **Here, everyone makes transformation happen.** Want to be part of this transformation too? \#VemPraGlobo ;)
