Compliance & Privacy Tech Lead

This is a fully remote position, open to applicants in Brazil.

📋 Description

• Data Classification & Permission: Take ownership of and uphold the organization's data classification schema, establishing enforceable rules for AI tools and conducting data classification audits to ensure data permissibility across all risk tiers.

• AI Intake & Risk Support: Assist in the triage of incoming AI tool requests, maintain the data fields in the AI registry, coordinate vendor assessments, and ensure that robust PII and sensitive data guardrails are documented prior to go-live.

• Compliance & Portfolio Management: Oversee active tools for data boundary drift, identify shadow AI, conduct quarterly reviews of duplicate solutions, and report anomalies in access or usage patterns to Security and Data Governance.

• Cross-Functional Collaboration: Collaborate closely with Data Engineering to ensure governed data pipelines, and work with Legal, Compliance, and HR to integrate regulatory changes and enhance data literacy.

• Governance Operations: Prepare essential inputs for Governance Board materials, maintain data policies and process guides, and monitor regulatory developments (GDPR, EU AI Act, NIST AI RMF, ISO 42001) to inform internal policy.

⛳️ Requirements

• Has Solid Experience: Possesses over 4 years in a data governance, management, or compliance role, including 1 to 2 years specifically focused on documenting enterprise-level data policies or classification schemas.

• Is a Proactive Self-Starter: Naturally identifies gaps and takes initiative to address them without needing to be prompted, while efficiently managing a high volume of concurrent requests without losing sight of details.

• Drives Cross-Functional Alignment: Confidently engages with all levels—from Data Engineering to the Governance Board—and has experience managing structured review processes involving multiple stakeholders.

• Has Exceptional Communication Skills: Capable of translating complex data policy, classification principles, and regulatory concepts into clear language for a diverse, non-technical audience.

• Has an Analytical Mindset: Comfortable analyzing registry data, usage metrics, and risk criteria to draw actionable insights and influence technology strategy.

• Your Technical Toolkit: ITSM Platforms: Proficient in managing intake and workflows utilizing tools such as ServiceNow or Jira.

• Documentation & Policy Management: Skilled with tools like Confluence or Notion for process management.

• Data Management & Registry: Experienced with registry tools such as Airtable or similar spreadsheet-based systems.

• Regulatory Frameworks (Advantageous): Familiarity with standards and frameworks like GDPR, NIST, ISO 42001, or the EU AI Act.

• Data Platforms (Nice to have): Knowledge or experience with data catalog or data lineage tooling.

🏝️ Benefits

• Well-being First: Comprehensive health insurance and "Open Holidays" because we trust you to recognize when you need a break.

• Flexible Working hours and Work: Choose to work from our lively hubs in Porto, Aveiro, or Coimbra, or opt for a remote setup that suits you, as long as you are based in Portugal :)

• Career Growth: A dedicated budget for training and conferences, along with a transparent profit-sharing model.

• Tools for Success: Select Laptop & Peripherals that best meet your needs, plus Hotspot with unlimited usage (PT), for both work and leisure.

• Team work makes the dream Work: Join the Mindera Annual Trip, participate in sports, and engage in sharing groups to connect and have fun!