• Join our awesome Cybersecurity Team as an Information Security Analyst with emphasis in GRC (governance, risk and compliance) to embrace a unique and challenging project;
• Ensure security-related activities and processes are aligned with the organization’s strategy and business goals, under the supervision of the Manager of Cybersecurity;
• Actively participate and contribute to strategic internal initiatives sponsored by the Cybersecurity team regarding information security;
• Support internal/external audit processes and evidence collection initiatives, as well as security-related client inquiries and assessments, while collaborating with key internal teams such as IT, Architecture, DevOps, and Sales / Customer Support.
• Help identify and evaluate relevant international standards, controls, compliance frameworks, and legislation/regulation for the organization, recognizing internal gaps and areas of improvement.
• Help develop and establish an organization wide InfoSec culture by participating in security awareness and personnel training activities.
• Support the continuous development of our Information Security Management System (ISMS), by participating in the development and implementation of effective security policies, standards, guidelines, and procedures.
• Participate in the maintenance and continuous improvement of our ISO 27001 certification.

Who are we looking for?

We’re looking for someone that’s passionate about Information Security and has 3-5 years of experience in similar functions. This person has a few years of experience in these domains and wants to continue growing their knowledge in this field. They are thrilled to embrace a unique challenge at a leading AI company and are eager to share their experiences and knowledge, as well as learn and collaborate with a team of high-caliber cybersecurity professionals. Our chosen candidate is determined, a strong critical thinker, and passionate about helping us achieve our goals.

Requirements:

• 3-5 years of proven experience working in information security either for a known organization with a technological background, a security consulting firm/services provider or for a Big 4 consulting firm with equivalent job responsibilities.
• Academic education in Computer Engineering or similar fields of study, mainly in reference universities.
• Experience in performing information security assessments, both for internal systems and as part of client inquiries related to sales engagements or ongoing business relationships.
• Knowledge of international information security standards and frameworks such as ISO 27001/27002, ISO 17799, NIST 800-53/NIST CSF, CIS Controls, SOC 2.
• Experience in developing, maintaining, and enforcing areas of an Information Security Management System (ISMS) within the organization, in light of the ISO 27001/27002 standards.
• Familiarity with relevant legal and regulatory compliance landscapes such as GDPR, CCPA, HIPAA, LGPD, and SOX.
• Basic knowledge about cloud-native software architectures, in order to address security aspects in this context (e.g., cloud services, IaaS/PaaS/SaaS models, containers, microservices, modern DevOps toolchain, multi-tenancy aspects).
• Professional certifications such as CISSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor or similar are considered a plus.
• Good verbal and written communication skills, being able to interact with a wide range of stakeholders whenever required, in a fast-paced organization.
• Ability to work in an Agile and dynamic environment.
• High level of autonomy, as well as professionalism, responsibility, and personal integrity;
• Fluency in English, since you will be working in an international environment.

• Flexible working schedule and hybrid model. We know comfort can boost creativity and performance, so you can manage your schedule and work both from one of our modern office spaces or home.
• Excellent career development opportunities in a high growth company. With us, you can accomplish your career goals and follow a well-described career path with the support of your supervisor.
• Culture of feedback and continuous improvement. AI is a fast-paced area, so we keep track of tech trends, and we always ask for feedback.
• An international and diverse team. We have more than 30 nationalities at our 3 locations, and we provide language classes.
• Continuous training opportunities. You can choose from many options: leveraging hand-on workshops, unlimited access to Udemy and formal development opportunities.
• We love to have fun together. We joke a lot, and we can't imagine work without fun activities – we already surfed, raced carts and played soccer together.