
Information Security Analyst – Compliance, Mid-Level
Posted Jun 12

This is a fully remote position, open to applicants in Brazil.
• Serve as the main contact for SOC1 Type 2 certification, ensuring its compliance, ongoing maintenance, controls, evidence, and support for audits.
• Assist in maintaining and evolving PCI-DSS, ISO 27001, and ISO 27701 certifications, ensuring adherence to Information Security policies and requirements.
• Contribute to adjustments related to LGPD and GDPR, supporting the enhancement of privacy and data protection practices.
• Monitor national and international regulations (Bacen, Open Finance, PSD2, among others), proposing improvements and best practices for compliance and governance.
• Engage in continuous improvement processes for Information Security policies, supporting reviews, adjustments, and development of controls.
• Participate in the management of Information Security risks, identifying vulnerabilities and supporting remediation and mitigation plans.
• Lead training and awareness initiatives for employees regarding Information Security, strengthening the security culture within the company.
• Take part in projects aimed at improving the infrastructure and systems environment at Sensedia from an Information Security perspective, considering requirements such as SOC1, PCI, and ISO.
• Assist business areas in responding to Information Security questionnaires submitted by clients (Risk Assessments).
• Collaborate with teams in Consulting, R&D, S&O, Legal, and business areas in defining policies, adjustments, and supporting audits.
• Support the implementation of solutions aimed at Information Security, contributing to the continuous evolution of the environment's maturity.
• Strong experience with SOC1 Type 2, including involvement in adjustment, maintenance, control, evidence, and audit processes.
• Background in Governance, Risk, and Compliance (GRC) applied to Information Security.
• Bachelor's degree in IT or related fields.
• Knowledge of PCI-DSS, ISO 27001, and ISO 27701.
• Familiarity with Bacen and regulations related to Open Finance, along with market regulatory knowledge.
• Understanding of LGPD and GDPR.
• Knowledge of BCP (Business Continuity Plan).
• Basic knowledge of Networks and Cloud Computing in general.
• Experience in Information Security policies, controls, and risk management, including identification and mitigation of vulnerabilities.
• Experience with audits, evidence management, and Risk Assessments.
• Proficiency in English for reading and writing technical documentation.
• Strong communication skills and the ability to work with various stakeholders and departments within the company.
• Meal Voucher/Food Allowance (Flash Benefits Card).
• Health Insurance.
• Dental Plan.
• Life Insurance.
• Profit-Sharing Program (PPR).
• TotalPass.
• Childcare Assistance.
• Well-Being Program (focused on physical and mental health).
• Corporate University (our #SensediaAcademy), with various development tracks.
• Cultural and educational partners offering special discounts.
• Extended maternity and paternity leave.
• Flexible work model.