Information Security GRC Specialist

Jobgether

Remote work

BRL 120.000 - 160.000

Full-time

2 days ago

Job summary

A recruitment agency is looking for an Information Security GRC Specialist in Brazil. This pivotal role involves managing the organization's governance, risk, and compliance program, including implementing security policies and conducting audits. The ideal candidate will have over 5 years in Information Security roles, proficiency in scripting and a strong understanding of security frameworks. The role offers a remote-first work environment, unlimited paid time off, and employee stock options.

Benefits

Unlimited paid time off
Employee stock options
Premium health insurance
Monthly wellness stipend

Qualifications

  • Minimum of 5 years in Information Security GRC roles.
  • Strong knowledge of information security frameworks (ISO/IEC 27000 series, COBIT, NIST CSF).
  • Experience with regulatory and cybersecurity requirements in fintech.

Responsibilities

  • Oversee security policies and compliance assessments.
  • Conduct risk assessments and recommend remediation strategies.
  • Embed security controls into business processes.

Skills

Information Security governance
Information Security compliance
Data analysis
Communication skills
Proactive mindset

Education

Certified Information Systems Auditor (CISA)
AWS Certified Cloud Practitioner

Tools

JSON/YAML configurations
Command-line tools

Job description

This position is posted by Jobgether on behalf of a partner company. We are currently looking for an Information Security GRC Specialist in Brazil.

This role provides a pivotal opportunity to shape and maintain an organization’s information security governance, risk, and compliance (GRC) program. You will oversee security policies, technical standards, and procedures while coordinating internal and external security assessments. The position demands both strategic oversight and hands‑on engagement with cross‑functional teams, ensuring alignment with regulatory and industry standards. You will identify, assess, and mitigate security risks while driving continuous improvement in compliance processes. Collaboration with technical, regulatory, and business teams is key, and the role emphasizes proactive, high‑quality, and automated approaches to GRC. Ideal candidates are analytical, detail‑oriented, and adept at translating technical findings into actionable business insights.

Accountabilities

  • Maintain, implement, and continuously improve the Information Security GRC program.
  • Coordinate internal and external audits, compliance assessments, and maturity evaluations.
  • Ensure adherence to regulatory, contractual, and industry information security standards.
  • Collaborate with cross‑functional teams to embed security controls into technical and business processes.
  • Conduct risk assessments, monitor control effectiveness, and recommend remediation strategies.
  • Support adoption and consistent application of security policies, procedures, and technical standards.
  • Leverage automation and Agile approaches to shift from manual compliance to integrated, continuous practices.
  • Provide reporting, metrics, and insights to stakeholders and senior management.

Requirements

  • Minimum of 5 years in Information Security GRC roles.
  • At least 3 years leading or coordinating internal compliance assessments, audits, or strategic maturity evaluations.
  • Strong knowledge of information security frameworks (ISO/IEC 27000 series, COBIT, NIST SP 800-xx, NIST CSF, CIS).
  • Experience with regulatory and cybersecurity requirements applicable to financial or fintech organizations.
  • Proficiency in scripting, JSON/YAML configurations, command‑line tools, and basic automation.
  • Ability to analyze data from logs to identify trends and derive actionable insights.
  • Certified Information Systems Auditor (CISA) or equivalent credentials.
  • Knowledge of AWS Cloud Infrastructure or AWS Certified Cloud Practitioner.
  • Strong communication, collaboration, and stakeholder management skills.
  • Detail‑oriented with a proactive and continuous learning mindset.
  • Nice‑to‑have: ISO 27k Lead Auditor, CISSP, PMP certifications, cloud security best practices, Agile/PMI methodologies, and familiarity with GDPR or other international regulations.

Benefits

  • Remote‑first work environment with global collaboration.
  • Unlimited paid time off through the Me Time program.
  • Employee stock options and premium health, dental, and life insurance in multiple countries.
  • Extended family leave (4 months for all parents, birthing or non‑birthing, and adoptive).
  • Zero trading fees via internal crypto platforms.
  • Monthly stipend for wellness, fitness, sports, learning, and entertainment activities.
  • Opportunities for professional growth and to make a meaningful impact in information security and risk management.

Why Apply Through Jobgether?

We use an AI‑powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role’s core requirements. Our system identifies the top‑fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre‑contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
