
Information Security GRC Analyst — Compliance and Audit
Posted 1 hour ago

Posted 1 hour ago
This is a fully remote position, open to applicants in Brazil.
• Assist in the upkeep and advancement of the Information Security Management System (ISMS) in line with ISO 27001 and PCI-DSS, including controls, Statement of Applicability (SoA), and associated documentation.
• Ensure compliance and oversee cloud security posture, providing consultative support to Engineering and Infrastructure teams ahead of formal audit cycles.
• Facilitate mergers and acquisitions by performing security assessments of acquired entities and developing strategies to enhance their security maturity.
• Develop, review, and uphold Information Security policies, standards, and procedures.
• Contribute to the maintenance of compliance programs (ISO 27001/27002, SOC 2 Type II, PCI DSS, and SOX).
• Assist in conducting internal audits and managing follow-ups on external audits, including the organization of evidence and responses to inquiries.
• Oversee security controls and technical/regulatory action plans (including requirements from Bacen (Brazilian Central Bank) and PCI) with relevant teams.
• Organize and preserve audit evidence and assess the operational effectiveness of controls.
• Aid in the preparation of reports, compliance indicators (KPIs), and risk status updates for committees and executive boards.
• Prior professional experience in the financial sector (e.g., fintechs).
• Previous experience in Information Security, Governance, Risk, Compliance (GRC), or IT Audit.
• Familiarity with Bacen resolutions and regulatory requirements.
• Practical experience in cloud security and posture monitoring (Cloud Security / CSPM).
• Understanding of cloud security principles based on industry standards (e.g., ISO 27017).
• Working knowledge of ISO 27001/27002 and the fundamentals of audit and risk management.
• Hands-on experience with PCI DSS certification requirements.
• Comprehension of IT processes and controls (including access management, change management, vulnerability management, logging, and backups).
• Outstanding communication and teaching skills to effectively convey technical concepts to diverse stakeholders, from technical teams to executive committees.
• Medical and dental insurance with no co-payment.
• Life insurance.
• Allowance for medication purchases.
• Subsidy for physical activity.
• Four complimentary monthly sessions with a therapist or nutritionist.
• Flexible meal allowance provided via a Visa credit card.
• Complimentary meals at headquarters.
• Daycare assistance.
• Parental support program.
• Extended maternity and paternity leave.
• Access to an in-company training platform.
• Education assistance, covering 70% of tuition for degrees and language courses, as well as for purchasing courses and books.
• Home Office allowance.
• Provision of work equipment.
• Furniture allowance.
• Partnerships with coworking spaces.
• Day Off during the birthday month.
• Happy Hour allowance.
• Referral bonus for new hires.
• Bonus based on annual targets.
• Stock Options plan.
• Casual, relaxed work environment with no dress code.
Precision Medicine Group
Advarra
Affordable Housing Trust for Columbus and Franklin County
City of Hope
Get handpicked remote jobs straight to your inbox weekly.