Information Security Governance Lead, Coralisle Group Ltd.
We are a leading regional player in the retail insurance sector with over 600 employees across the Caribbean, Latin America and the United States.
The Role
Reporting to the Chief Information Security Officer (CISO), you will advance the group’s information security program by applying Governance, Risk and Compliance (GRC) expertise in risk assessment and control validation.
* Oversee group‑wide security control validation, effectiveness assessments, and maintenance of the risk register, identifying gaps and driving remediation by partnering with Risk, Compliance and Internal Audit.
* Work with the CISO to ensure the ISMS is aligned and integrated across assurance and business functions, fostering a unified risk and control culture while supporting regulatory compliance and relevant certification standards (e.g., ISO 27001).
* Ensure ISMS‑related policies, procedures and controls are always up to date and fit for purpose, including version control and periodic review cycles.
* Lead audit and due diligence readiness by managing evidence collection, preparing assurance documentation and coordinating comprehensive responses for regulatory, client and partner requests.
* Manage the third‑party risk management (TPRM) process by developing and issuing security questionnaires to vendors and partners, reviewing their responses for control gaps and risk exposure, and collaborating with stakeholders to drive mitigation and compliance efforts.
* Collaborate with key stakeholders to manage incident and near‑miss workflows, participate in root‑cause analysis and ensure corrective actions are documented and tracked.
The Person
To be the ideal candidate you should have:
Qualifications, Skills & Experience
* Bachelor’s degree in Information Security, Risk Management, Business or a related field; advanced degree or certifications (CRISC, FCCS, ACII, PMI, CISM, CISSP) strongly preferred.
* Minimum of five years’ experience in information security risk assessment, control validation, audit support or related GRC roles.
* Strong background in regulatory, risk and control programs in financial services or insurance.
* Proven success leading remediation initiatives and working across the three lines of defence.
* Skilled in communicating complex risk and control concepts to senior leadership and non‑technical audiences.
* Experience managing high‑impact regulatory or security transformation projects/programs.
* Practical knowledge of compliance assessments and third‑party due diligence.
The Benefits
We value our employees and offer a supportive and inclusive work environment. You will have opportunities for professional growth, competitive compensation and a comprehensive benefits package.
Seniority level
* Associate
Employment type
* Full-time
Job function
* Information Technology, Project Management, and Analyst
Industries
* Insurance, Information Services, IT Services and IT Consulting