Senior Security Governance and Risk Consultant at Tenchi Security

Tenchi is a Cyber Security company that is building innovative technology focused on Third-Party Cyber Risk Management for businesses. Founded by serial entrepreneurs and backed by a solid group of Institutional Investors, we seek to disrupt this rapidly growing industry. Our company is 100% remote and our team is spread across the globe, including Brazil, US, Canada, Argentina, and Spain. We strive to get the best professionals in the field so our team can build an amazing product focused on our client’s needs.

As a Senior Security Governance and Risk Consultant at Tenchi, you will lead our clients through the intricacies of establishing effective security governance practices and managing enterprise risk. This role involves crafting governance frameworks, performing risk assessments, and ensuring compliance with relevant security regulations. With your extensive experience in the cybersecurity field, you'll guide organizations in fortifying their security posture while aligning their security strategy with their business objectives.

Key Responsibilities:

- Lead the planning, execution, and delivery of security governance and risk management projects for clients across various industries;
- Conduct security maturity assessments based on established frameworks (e.g., NIST CSF, CIS Controls, ISO/IEC 27001), and identify gaps, risks, and areas for improvement;
- Design, implement, and maintain Information Security Management Systems (ISMS) in compliance with ISO 27001 or other relevant standards;
- Develop and manage Information Security Master Plans (PDSI), aligning security strategy with business objectives;
- Execute Third Party Cyber Risk Management (TPCRM) processes, including due diligence assessments, vendor risk scoring, and remediation planning;
- Lead or support cybersecurity audits and regulatory compliance reviews (e.g., LGPD, GDPR, SOX);
- Provide guidance and recommendations to clients on risk mitigation strategies, security policies, procedures, and controls;
- Collaborate with cross-functional teams (Legal, IT, Compliance, Procurement, etc.) to embed security governance into broader business processes;
- Conduct occasional on-site visits to clients or third parties as required by project needs;
- Deliver executive-level reporting and presentations on risk posture, findings, and strategic recommendations;
- Mentor junior consultants and support internal capability development within the GRC team;
- Stay up to date with emerging threats, regulatory changes, and industry trends to continuously enhance client value and service delivery.

- Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field;
- 5+ years of experience in security governance, risk management, or compliance consulting;
- Deep understanding of security frameworks, regulations, and cybersecurity compliance requirements (e.g., NIST, CIS, ISO/IEC 27000);
- Proven track record of leading and delivering complex security projects with direct client interaction;
- Experience with risk assessment tools and methodologies is a plus;
- Strong analytical, organizational, and problem-solving skills;
- Excellent interpersonal and communication abilities, with the capability to convey complex topics in a clear and concise manner;
- Certifications such as CISSP, CISM, CRISC, or similar are strongly preferred;
- Comfortable working in remote environments while maintaining high engagement and collaboration with clients and teams.
- Fluency in Portuguese and English.

Company Location: Brazil.