Cybersecurity Risk & Compliance Analyst (Senior) ID34575

Posted On 04/13/2025

City: Sorocaba

State/Province: Sao Paulo

Postal Code: 18000-000

Industry: IT Services

AgileEngine is one of the Inc. 5000 fastest-growing companies in the U.S. and a top-3 ranked dev shop according to Clutch. We create award-winning custom software solutions that help companies across 15+ industries change the lives of millions.

If you like a challenging environment where you’re working with the best and are encouraged to learn and experiment every day, there’s no better place - guaranteed!

1. Perform regular vulnerability scans across systems and applications; analyze findings and prioritize remediation based on business risk.
2. Maintain accurate asset inventories including SBOM/HBOM for core systems.
3. Collaborate with IT/DevOps teams to track and validate the remediation of security vulnerabilities.
4. Coordinate evidence collection and preparation for external audits (SOC2, HITRUST, PCI DSS), reducing the operational burden on engineering teams.
5. Develop and maintain internal security policies and standards aligned with compliance requirements.
6. Monitor compliance posture, identify gaps, and support remediation plans.
7. Conduct recurring risk assessments to identify security control weaknesses and emerging threats.
8. Maintain the organization’s risk register and follow up on mitigation efforts.
9. Evaluate risks related to emerging technologies, including Generative AI.
10. Support incident response activities and address security inquiries from clients and partners.
11. Provide day-to-day guidance on security best practices to internal stakeholders.

1. 4+ years of experience in cybersecurity with a focus on risk management and compliance.
2. Strong understanding of vulnerability management and risk assessment methodologies (NIST RMF, ISO 27001).
3. Hands-on experience with compliance frameworks (SOC2, HITRUST, PCI DSS).
4. Excellent analytical skills and a collaborative approach, especially when working with IT and DevOps teams.

1. Familiarity with security tooling for audit automation or asset tracking.
2. Experience supporting incident response and customer-facing security assessments.
3. Aware of modern security challenges in the healthcare or SaaS environment.

1. Professional growth: Accelerate your professional journey with mentorship, TechTalks, and personalized growth roadmaps.
2. Competitive compensation: We match your ever-growing skills, talent, and contributions with competitive USD-based compensation and budgets for education, fitness, and team activities.
3. A selection of exciting projects: Join projects with modern solutions development and top-tier clients that include Fortune 500 enterprises and leading product brands.
4. Flextime: Tailor your schedule for an optimal work-life balance, by having the options of working from home and going to the office – whatever makes you the happiest and most productive.

The next steps of your journey will be shared via email within a few hours. Please check your inbox regularly and watch for updates from our Internal Applicant site, LaunchPod, which will guide you through the process.