Technology Compliance Analyst – Mid-level

This is a fully remote position, open to applicants in Brazil.

📋 Description

• Conduct testing and validation of IT controls (ITGC), ensuring they are effectively designed and functioning properly;

• Evaluate controls in the following domains:

• Access Management (IAM)

• Change Management / SDLC

• Cybersecurity and data protection

• IT operations and monitoring

• Business continuity and Disaster Recovery

• Verify audit evidence, ensuring quality, completeness, and compliance with requirements;

• Assist with internal and external audits (SOC 2, ISO 27001, and others), including: audit responses, organizing evidence, and providing support throughout the audit process;

• Perform tests of both global and local QMS (Quality Management System) controls;

• Identify gaps, risks, and control weaknesses, recommending remediation strategies;

• Oversee and ensure the implementation of remediation strategies;

• Work collaboratively with IT, security, risk, and product teams to ensure compliance;

• Address inquiries from stakeholders regarding compliance and controls;

• Aid in the design and enhancement of controls and processes;

• Maintain compliance dashboards, reports, and metrics;

• Support access reviews and updates to security policies;

• Proactively identify risks and opportunities for ongoing improvement.

⛳️ Requirements

• 2 to 4 years of experience in:

• IT Compliance

• IT Audit

• ITGC control testing

• QMS or risk management

• Strong knowledge of:

• ITGC (IT General Controls)

• Control testing (design and operational effectiveness)

• Evidence management and audit support

• Frameworks and standards: SOC 2, ISO 27001

• Information Security Policies (ISP)

• Experience with:

• Access Management (IAM)

• Change Management / SDLC

• Cybersecurity

• IT operations and monitoring

• Familiarity with testing methodologies: walkthrough, sample testing, reperformance, inspection

• Experience with GRC tools: Archer, ServiceNow GRC or similar

• Knowledge of: vulnerability scanning, penetration testing, security monitoring

• Proficient in Microsoft Office (advanced Excel preferred).

🏝️ Benefits

• Remote work