Cyber Governance & Risk Function Skills (P-117)

SMASH, Who we are?

We are agents for tech professionals in Costa Rica and Colombia that help them build careers in the United States.  We believe in long-lasting relationships with our talent. We invest time getting to know them and understanding what they seek as their professional next step.  We aim to find the perfect match. As agents, we pair our talent with our US clients, not only by their technical skills but as a cultural fit. Our core competency is to find the right talent fast.

We purposefully move away from the “contractor” or “outsourcing” type of relationship. Our clients don’t want contractors or “just a service.” Neither does our talent.

Our Benefits Wellness Coverage Remote Work Birthday day off Recognition and rewards system Referrals Program Business skill coaching English classes for Smashers and relatives Learning opportunities This is a remote position for Costa Rica.

This position is Remote to work with a US Company; you will require to have Citizenship or a work permit from Costa Rica to apply for this role.

Job Description : Cyber Governance & Risk Function Skills Control Ownership & Accountability Define and maintain ownership of cybersecurity controls within operational teams, ensuring they are implemented, monitored, and continuously improved.

Risk Assessment & Control Mapping Conduct cyber risk assessments and map risks to specific controls, ensuring alignment with NCUA or FFIEC’s risk-based approach.

Governance Framework Development Establish governance structures (e.g., RACI models, control libraries, policy frameworks) that clarify roles, responsibilities, and accountability within the cyber function.

Metrics, KRIs, and Reporting Develop and maintain meaningful metrics and Key Risk Indicators (KRIs) that reflect control effectiveness, risk posture, and compliance with internal and regulatory expectations.

Policy Implementation & Standards Enforcement Translate enterprise-level policies into actionable standards and procedures for cyber teams, and ensure consistent enforcement and documentation.

Powered by JazzHR