Senior GRC Analyst
São Paulo, SP
Tractian
Stay ahead of failures and downtime with AI-powered Condition Monitoring, vibration sensors, CMMS, and OEE—built for safety, uptime, and reliability.
Area
The Engineering team at Tractian is at the forefront of developing cutting-edge infrastructure, technologies, and products to harness the power of IoT data. Our team of talented Engineers collaborates to build robust systems, innovative solutions, and scalable platforms that drive Tractian's success. We are instrumental in shaping the company's decision-making process, optimizing operational efficiency, and delivering exceptional experiences to our consumers.
What you will do
As a GRC Analyst, you will be responsible for developing and implementing robust governance, risk management, and compliance (GRC) practices within our technology-driven organization. You will play a key role in establishing frameworks and processes that ensure the security, integrity, and regulatory compliance of our technology systems. You will collaborate with cross-functional teams to assess risks, implement controls, and drive continuous improvement of our GRC program.
Key Responsibilities:
- Perform Business Impact Analysis (BIA), mapping processes and identifying RTO and RPO.
- Conduct the identification, mapping, assessment, and management of both operational and strategic risks across the organization, ensuring compliance with all applicable regulations and internal policies.
- Keep all the BCP and Disaster Recovery documents up to date.
- Develop, implement, and update company-wide compliance processes, procedures and rules to ensure alignment with corporate goals, legal requirements, and industry standards.
- Collaborate with other departments to create and modify operational processes and agreements and execute actions from action plans.
- Conduct and document regular tests of recovery and continuity plans (disaster recovery exercises, backup and data recovery, etc.), and support incident response tests.
- Implement privacy controls following the company’s governance guidelines and LGPD, GDPR, and CCPA regulations.
- Support the continuous improvement of compliance with ISO 27001, 27002, 22301 and 22313 standards.
- Monitor and conduct assessments to ensure the effectiveness of internal controls, and implement improvements based on audit and assessment reports.
- Collaborate with multiple departments and headquarters to ensure effective implementation of compliance programs and provide guidance on risk-related matters to leadership.
- Work with stakeholders to answer their questions about security maturity.
Requirements:
- Background in IT, security, auditing, compliance and/or quality.
- Experience with BCP-DR based on ISO 22301 and ISO 22313, including development of procedures, execution, and documentation of tests.
- Experience with audits and assessments of ISO 27001 and SOC 2.
- Hands-on experience in executing action plans and implementing controls.
- Knowledge of risk management frameworks (ISO 27005, NIST, etc.).
- Knowledge of privacy laws (LGPD, CCPA, GDPR, etc.).
- Advanced English proficiency.
Would be a plus:
- Certification related to ISO 27001 and/or privacy (e.g., EXIN or IAPP).
- Experience in using Business Continuity Management (BCM) tools.
- Experience with Vanta, SAT platforms, EDR, MDM, and IAM.
- Other compliance/security certifications.
Tags: Audits CCPA Compliance EDR GDPR Governance IAM Incident response IoT ISO 22301 ISO 27001 ISO 27005 NIST Privacy Risk management SOC SOC 2
Region:
South America
Country:
Brazil