26 octobre 2025

Regional Business Security Analyst – Latin America

Regional Business Security Analyst – Latin America
 
 

About the Organization:
FINCA International, one of the world's leading MFIs, provides financial services to over 950,000 clients through 21 wholly-owned and operated subsidiaries in Africa, Eurasia, Latin American, and the Greater Middle East.

About the Job:
FINCA International is seeking a Regional Business Security Analyst (RBSA) – Latin America. The role will be based in Guatemala City, and will travel up to 75% of time. RBSA will report to director of information protection with a dotted-line report to the regional director of IT. S/he will be responsible for ensuring that effective security risk management practices are incorporated into IT and business practices within their FINCA region. Assessments and related activities will be the initial focus of the position, but it will grow into a consultative, advisory, and governance role. Future duties will include working closely with regional IT staff to design and test effective security controls, as well as ongoing independent risk assessments of business systems.

Tasks and Responsibilities:

  • Monitor and evaluate (55%):

    • Document security and compliance of applications and supporting infrastructure;
    • Work with security and network staff to resolve identified security issues;
    • Work with network and IT staff to implement and maintain security monitoring controls;
    • Audit for internal compliance with FINCA IT and security policies;
    • Develop recommendations for improvements;
    • Monitor appropriate sources for newly identified vulnerabilities:

      • Assess existing systems against those vulnerabilities;
      • Report on risks, risk mitigations, and residual business risks.
    • Assess and document security posture of 3rd-party vendors and their services against FINCA standards.
    • Utilize appropriate tools to evaluate business environment against security policy and business risk posture:

      • Network vulnerability scanning;
      • Device configuration management;
      • Application testing;
      • Network monitoring;
      • Log review;
      • Threat modeling;
      • Source code review;
      • Other techniques as appropriate.
    • Evaluate application development and implementation activities for security risks;
    • Monitor appropriate industry sources to maintain awareness of new security tools and techniques.
  • Plan and organize (20%):

    • Communicate and collaborate with internal clients to establish security direction, and provide influence and leadership on current and future technical security directions;
    • Manage all phases of project planning in security service support, including functional requirements, design specifications, testing and quality assurance, implementation and support;
    • Provide input to the annual Information Protection budget cycle.
  • Acquire and implement (15%):

    • Ensuring that security requirements are identified early on and are being incorporated into all projects/applications;
    • Investigate, recommend, evaluate, deploy and integrate security tools and techniques to improve our ability to protect corporate assets and infrastructure;
    • Develop and maintain documentation of relevant IT systems and security controls;
    • Assess and capture security requirements within context of enterprise application architecture;
    • Ensure that application development and deployment meet FINCA security standards;
    • Provides security input to design and application architectural reviews.
  • Deliver and support (10%):

    • IT security technical consulting services;
    • Research security issues and provide evaluations and recommendations to management;
    • Provide security awareness training to staff;
    • Participate as a member of the Regional Information Systems and Incidents Emergency Response Team.

Qualifications:

  • Knowledge and education:

    • Bachelor's Degree in a technical discipline or equivalent work experience;
    • Certifications are not required, but will be considered in the evaluation process. Applicable certifications include: SANS, Cisco, CISSP;
    • Knowledge of security and control frameworks (such as ISO 27001, CoBIT).
  • Professional experience:

    • Minimum 4-6 years of experience performing IT security assessments;
    • Experience with common assessment tools (examples nessus, Foundstone, Qualys, nCircle);
    • Experience communicating assessment results to audiences with diverse technical proficiency;
    • Experience constructively articulating business impact of vulnerabilities to various stakeholders;
    • Experience with multiple platforms (i.e. Windows, Unix/Linux, etc.);
    • Demonstrated capability to drive holistic improvements in practices and processes desired;
    • Experience implementing and managing security technologies, including access control, auditing, log management, IDS/IPS, firewalls, antivirus, and malware desired;
    • Experience securing mobile technologies preferred;
    • Understanding of application security principles desired;
    • Experience conducting application security reviews preferred;
    • Experience with scripting languages desired.
  • Job skills:

    • Fluency in written and spoken English and Spanish;
    • Excellent communication and presentation skills;
    • Ability to present information and ideas clearly and concisely;
    • Effective at reviewing prioritizing and communicating identified risks;
    • Experience working within a distributed team-oriented environment;
    • High degree of initiative, dependability and ability to work with little supervision;
    • Proven ability to balance, prioritize and organize multiple tasks;
    • Accuracy, attention to detail and awareness of deadlines;
    • Strong commitment with the social mission of FINCA;
    • High level of personal integrity, and the ability to professionally handle confidential matters with appropriate judgment and maturity;
    • Ability to influence without authority;
    • High level of energy and enthusiasm;
    • Creative and flexible.

Closing Date: 31 Dec 2012

How to Apply:
Apply Online

View Original Posting