Senior It Governance Analyst

About Latitude.sh

Latitude.sh global computing platform was launched in 2019, enabling businesses to programmatically deploy single-tenant Bare Metal instances in different parts of the world.

We are a team of passionate individuals about hardware, software, and network infrastructure looking to build the fastest, easiest-to-use, developer-centric single-tenant Cloud infrastructure. If you share this passion, join our growing team of talented people and help build the future of the Internet.

We are looking for a Senior IT Governance Analyst to structure and enhance the company's governance and information security processes. This professional will play a key role in implementing and monitoring controls required for SOC 2 Type 2 and ISO 27001 certification, ensuring compliance with industry best practices.

The primary focus will be on defining and enforcing policies, processes, and audits to strengthen corporate governance and implementing strategic KPIs for continuous monitoring.

• Structure and implement IT governance processes, aligned with ISO 27001 and SOC 2 Type 2 standards.
• Define, review, and ensure compliance with information security and governance policies.
• Implement and monitor internal controls and audits to mitigate technology risks.
• Support the development of the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP).
• Define and track governance and information security KPIs.
• Collaborate with the Cybersecurity team to ensure regulatory compliance and mitigate cybersecurity risks.
• Support external audits and work on remediation of identified non-conformities.
• Ensure processes comply with data privacy regulations (LGPD and GDPR, if applicable).
• Implement change management practices to ensure all system and process modifications are properly documented and approved.

• Proven experience in IT governance.
• Proven experience in implementing ISO 27001 and SOC 2 standards.
• Advanced knowledge of ISO 27001, SOC 2 Type 2, ITIL, and COBIT.
• Experience with internal and external security audits.
• Ability to structure risk management and regulatory compliance processes.
• Capability to map and implement continuous improvements in IT operational processes.
• Knowledge of LGPD and best practices for data protection.
• Experience in defining and monitoring governance and security KPIs.
• Advanced English proficiency.

• Certifications such as ISO 27001 Lead Implementer / Auditor, CISM, CRISC, CISSP.
• Experience in the Cloud Computing or Technology industry.

• Paid Time Off
• Competitive Compensation
• Work Anniversary bonus
• Wellhub (former Gympass)
• Sulamrica Health Care Insurance
• Annual Bonus based on company and team performance
• Flexible work hours

We're a lean, agile team of passionate professionals who believe in the power of innovation and creative problem-solving. As part of our team, you won't be lost in the crowd – you'll be an essential contributor, making a real impact from day one.

Our values at Latitude.sh guide us in all our work and partnerships. We're proud to be an inclusive company, and we welcome all applicants for our open positions, regardless of their background, religion, sexual orientation, gender identity, age, nationality, or disability. If these values speak to you, we'd love for you to become a part of our team.