Please mention DailyRemote when applying
SMASH, Who we are?
We are agents for tech professionals in Costa Rica and Colombia that help them build careers in the United States.
We believe in long-lasting relationships with our talent. We invest time getting to know them and understanding what they seek as their professional next step.
We aim to find the perfect match. As agents, we pair our talent with our US clients, not only by their technical skills but as a cultural fit. Our core competency is to find the right talent fast.
We purposefully move away from the “contractor” or “outsourcing” type of relationship. Our clients don’t want contractors or “just a service.” Neither does our talent.
Our Benefits
Wellness Coverage
Remote Work
Birthday day off
Recognition and rewards system
Referrals Program
Business skill coaching
English classes for Smashers and relatives
Learning opportunities
This position is Remote to work with a US Company; you will require to have Citizenship or a work permit from Costa Rica to apply for this role.
Role summary
You will lead cybersecurity governance and risk management initiatives by establishing control ownership, strengthening governance frameworks, and aligning cyber operations with regulatory expectations. This role focuses on improving risk visibility, control accountability, and compliance maturity across enterprise cybersecurity functions.
Responsibilities
Define and maintain ownership of cybersecurity controls across operational teams.
Conduct cyber risk assessments and map risks to appropriate controls and mitigation strategies.
Develop and maintain governance frameworks including RACI models, control libraries, and policy structures.
Design and monitor cybersecurity metrics, dashboards, and Key Risk Indicators (KRIs).
Translate enterprise security policies into actionable standards, procedures, and operational controls.
Ensure consistent implementation, enforcement, and documentation of cybersecurity standards.
Support alignment with NCUA, FFIEC, and other regulatory frameworks and risk-based approaches.
Collaborate with technology, compliance, audit, and operational teams to strengthen governance processes.
Identify gaps in cybersecurity controls and recommend remediation strategies.
Prepare reports and risk summaries for leadership, audit, and regulatory stakeholders.
Promote continuous improvement of cybersecurity governance and risk management practices.
Requirements – Must-haves
Proven experience in cybersecurity governance, risk management, or information security programs.
Strong understanding of cybersecurity controls, risk assessment methodologies, and control mapping.
Experience aligning cyber programs with NCUA, FFIEC, or similar regulatory frameworks.
Experience developing governance models, policy frameworks, and accountability structures.
Knowledge of cybersecurity metrics, KRIs, and reporting practices.
Ability to translate high-level policies into operational standards and procedures.
Strong analytical, documentation, and problem-solving skills.
Experience collaborating with cross-functional stakeholders across security, IT, compliance, and operations.
Excellent written and verbal communication skills.
Nice-to-haves (optional)
Experience in banking, credit union, or regulated financial services environments.
Familiarity with frameworks such as NIST CSF, ISO 27001, or COBIT.
Relevant certifications such as CISSP, CISM, CRISC, or CISA.
Experience supporting audits, regulatory reviews, or compliance assessments.
Languages
English C1, Spanish C1
Stop the endless job search. Our AI finds and applies to the best jobs for you.
Discover remote opportunities in Risk Manager
Answer easy questions
200,000+ jobs across 15+ categories
Get your best job matches
Only hand-screened, legit jobs
Find a remote job faster
No ads, scams, or junk
“ I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!