Cybersecurity Assurance & Risk Lead, Gerencia Tecnología …, Huechuraba

Do you want to make a difference and reach your best version? At Walmart Chile, we transform every day with pride and passion to deliver the best omnichannel experience and create a real impact on our associates, customers, and communities. We are the largest retail company in the world and the third-largest employer in Chile. In Chile, you can find us through our digital platforms Lider App and lider.cl, and our store formats Lider, Express de Lider, Super Bodega aCuenta, and Central Mayorista. But that’s not all! To achieve the excellent shopping experience we aim for, we also have our production plants and distribution centers. Development, social impact, and the well-being of our associates are part of what makes us unique. At Walmart Chile, you can grow without limits and be 100% yourself. Join our purpose of Helping People Save Money and Live Better and help us impact thousands of families. The InfoSec team is looking for its next Cybersecurity Assurance & Risk Lead to make a difference in their team. We value your story and what makes us unique. That’s why we promote an inclusive work environment where you can be your best version and make a difference with us. This job offer is governed by Law No. 21.015, which encourages the inclusion of people with disabilities in the workforce. Mission: To execute and govern security assurance and security risk management across Walmart Tech International by leading Security Solution Evaluations (SSEs), audit and certification readiness, compliance evidence management, and risk assessments while scaling delivery through an AI-enabled, agentic operating model. This role ensures assurance outcomes are defensible, repeatable, audit-ready, and continuously maintained, with the human lead owning final decisions, exception handling, and accountability, and agentic operators accelerating evidence collection, control validation, documentation readiness, and risk analysis under governed guardrails. Your main responsibilities: Implement and Run the Technology Risk Framework
- Design, implement, and operate a consistent risk framework for technology/security risk—covering taxonomy, scoring model, likelihood/impact definitions, risk acceptance criteria, and governance routines. Security Solution Evaluations for Technology, Vendors, and Architecture Changes
- Lead and execute Security Assessment for new/existing technologies, platforms, vendors, and major changes; document findings, required controls, and go/no-go recommendations. Audit Execution Support and Evidence Management
- Plan and support internal/external audits, including readiness planning, evidence coordination, stakeholder management, and remediation follow-up. Certification and Formal Assurance Program Readiness
- Own compliance requirements tied to certifications and structured assurance programs (e.g., ISO cycles), including scope support, control narratives, evidence traceability, and artifact readiness. Security Risk Assessments, Treatment Options, and Risk Acceptance Governance
- Conduct and govern security risk assessments (technology, third-party, process, and change-driven), producing defensible risk statements, treatment options, compensating controls, and risk acceptance documentation. Agentic Assurance Operations Orchestration and Governance Guardrails
- Orchestrate an agentic workforce to scale assurance execution (evidence collection, control validation support, SSE automation, risk drafting support, remediation orchestration), and define governance guardrails (validation methods, escalation triggers, approval checkpoints, quality controls). Continuous Improvement & Professional Development
- Pursue advanced training and certifications in cybersecurity education, awareness, automation, and GenAI.
- Maintain and update a personal development plan, reporting progress in regular reviews. What do we expect from you?
- 7–10+ years in security assurance, security risk management, audit/compliance execution, technology risk, or equivalent InfoSec roles.
- Demonstrated experience implementing or operating a technology risk framework, including: likelihood/probability and impact models,risk scoring and escalation thresholds,risk acceptance governance and renewals.
- Proven experience leading security assurance execution, audit support, certification readiness, evidence management, and remediation follow-up.
- Experience using a threat and vulnerability lens in assessments (scenario-driven thinking, vulnerability class coverage).
- Strong stakeholder leadership across Technology, Architecture, SecOps, GRC, Procurement/Vendor Management, and business teams.AI proficiency and practical ability to orchestrate agentic workflows with validation and escalation guardrails.
- Proven experience leading security assurance functions, including SSEs/security assessments, audit support, compliance evidence management, and security risk assessments.
- Strong working knowledge of security control frameworks and maturity structures, including ISO/IEC 27001/27002 and NIST CSF (and/or NIST 800-53-based control sets).
- Demonstrated ability to produce defensible assurance artifacts: assessment reports, risk statements, control narratives, evidence packs, remediation plans, and executive-ready summaries.
- AI proficiency with practical ability to run agentic workflows for assurance execution (workflow design, orchestration patterns, validation, escalation, and safe-automation guardrails).
- Strong stakeholder management skills; able to drive outcomes across technical and non-technical teams.
- Fluent English (written and spoken).
- Strongly preferred formal background in Information Security / Computer Science / Engineering / Information Systems (or equivalent experience).
- Certifications aligned to assurance and risk leadership are valuable (examples often include ISO 27001 Lead Implementer/Lead Auditor and risk-focused certifications), depending on internal standards.
- Highly valued: Demonstrable training or applied capability in risk methodology design, scenario-based assessment, and AI-enabled workflow governance. Our Benefits: We enhance your well-being so you can live better, which is why we offer many benefits for you. Here are some: Financial Benefits:
- Adjustment Fund for People with Disabilities: We provide financial support so you can acquire assistive devices according to your disability.
- Financial Advisory: We offer guidance and advice related to the protection and planning of your personal and family finances.
- Discount Agreements: Special price agreements on mobile services, auto insurance, shopping discounts, and much more! Emotional Benefits:
- Leave for Pregnancy Loss: In this sensitive moment, we want you to grieve, so we provide paid leave for mothers and fathers.
- Care for Your Loved Ones: We know how important your family is, so we give you up to one month of paid leave to care for them in case of catastrophic illnesses or serious accidents.
- Paternity Leave: We promote parental co-responsibility and provide additional days beyond the 5 granted by law so you can enjoy your newborn’s first month of life.
- More Time with Moms: To help you balance maternal detachment, you can gradually return to work after your maternity leave until your child’s first year. Physical Benefits:
- Telemedicine: Your health and your family’s health are our priority. We offer free online medical consultations in various specialties, nutrition, psychology, and veterinary medicine.
- Complementary Health Insurance: Health comes first! That’s why we offer complementary health insurance to your social security system, covering various services. Benefits depend on contract conditions, seniority, format, and/or business unit of Walmart Chile. If you want to learn more about our company, visit: Postúlate en Kit Empleo: kitempleo.cl/empleo/1cetu0