IT Compliance Specialist
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
IT & Compliance Specialist overseeing SOC 2 compliance and internal IT operations for AI demo platform. Collaborating with engineering and leadership to maintain and improve security standards.
Responsibilities:
- Own and maintain the SOC 2 compliance program, including continuous monitoring, audit readiness, evidence collection, and control tracking
- Administer Vanta as the primary compliance automation platform, it needs work, and cleaning it up is part of the job; you will have CTO time and a part-time consultant to help you navigate it
- Conduct regular access reviews across all systems and ensure documentation is complete and accurate
- Facilitate tabletop exercises, scenario-based drills covering events like AWS regional outages, cyber incidents, or availability failures, planning, running, and capturing outcomes
- Manage vendor relationships: own the Vanta contract, pentester engagements, and third-party security assessments
- Develop, maintain, and improve information security policies, procedures, and documentation
- Take ownership of corporate device management across a mixed fleet of macOS, Linux, and Windows machines
- Implement centralized MDM controls: encryption, anti-malware, endpoint detection, and remote management across all corporate devices
- Establish and enforce a BYOD policy for employees and contractors who use personal hardware for work
- Ensure every device is properly enrolled and meets compliance requirements before an employee is operational on day one
- Build repeatable onboarding and offboarding processes so access and device controls are never an afterthought
- Maintain security hygiene in AWS: IAM roles, Identity Center, GuardDuty, AWS Config, and access reviews
- Identify and remediate overly permissive roles, stale credentials, and misconfigured controls
- Collaborate with engineers to resolve vulnerabilities and apply patches, you will need strong working relationships with the technical team in Caxias do Sul
- Support cloud-related evidence collection for SOC 2 controls
- Own IT onboarding and offboarding: provisioning, deprovisioning, and access controls so nothing falls through the cracks
- Manage access across Google Workspace, Slack, GitHub, Rippling, AWS Identity Center, and other core tools
- Serve as the primary internal IT resource and respond to urgent issues as they arise
Requirements:
- 3+ years of experience in IT, Security, Compliance, or related roles within a SaaS company, startup, or high-growth technology environment
- Proven hands-on experience managing SOC 2 Type I and/or Type II compliance programs
- Direct experience with Vanta, not just compliance platforms in general, but specifically Vanta, including interpreting findings and driving remediation
- Experience managing devices across macOS, Linux, and Windows using MDM solutions such as JumpCloud, Jamf, Kandji, or similar
- Working knowledge of AWS security and governance: IAM, Identity Center, GuardDuty, AWS Config, and access best practices
- Strong understanding of identity and access management, MFA, encryption, endpoint security, and audit controls
- Detail-oriented to a fault, if a control is slightly incomplete or an access review has a gap, you catch it before the auditor does
- Professional English communication skills (C1 or higher) for daily collaboration with the US-based CTO and leadership team
- Execution-focused and detail-oriented, the CTO and a part-time the consultant will support you, but the day-to-day compliance work needs someone who follows through completely, not someone who needs the work defined for them every step
- Comfortable in a fast-moving startup environment where you are the only person whose main job is compliance.
Benefits:
- Equity package
- Flexible PTO policy
- Mental health benefits
- Fitness allowance
- Learning and professional development budget
- Home office and workspace allowance
Similar Jobs
Senior Manager, Regulatory Promotion & Material Compliance
Regulatory Affairs Sr Manager ensuring truthful communication and formulations for product promotions at Amgen. Leading compliance efforts by interpreting FDA regulations and guiding promotional programs.
Regulatory Affairs Director – Global Regulatory Leader, Rare Disease
Global Regulatory Leader at Amgen leading regulatory strategy for product development in rare diseases. Collaborating with teams to ensure regulatory compliance and approval across markets.
Senior Compliance Officer
Senior Compliance Officer serving as compliance expert for multiple disciplines at Fulton Bank. Overseeing compliance programs and mentoring junior team members.
Compliance Manager
Compliance Manager overseeing regulatory programs and team performance in banking. Responsible for compliance advisory services and management oversight with a focus on continuous improvement.
Compliance Director
Compliance Director at Fulton Bank, designing and implementing compliance risk management strategies. Leading compliance team and ensuring effective operational compliance.
Data and Reporting Compliance Analyst
Data and Reporting Compliance Analyst at Fulton Bank responsible for delivering reports and dashboards. Collaborating with teams to ensure effective data analysis and compliance monitoring.
Government Compliance Associate
Government Compliance Associate supporting compliance activities and financial analysis for government regulations at L3Harris. Collaborating with segment functions and assisting with audits and proposals.
Director, Regulatory CMC
Director of Regulatory CMC at Iovance Biotherapeutics overseeing global regulatory strategies and submissions for oncology drug development. Collaborating with health authorities and cross-functional teams on clinical programs.
Global Director – Risk & Compliance
Director of Global Risk & Compliance at AI services provider co-creating impact through data science. Leading risk management and compliance across regions with a focus on AI governance.
Senior Compliance Analyst
Senior Compliance Analyst at EZCORP focusing on regulatory examination and compliance tools in a growing company. Responsible for risk assessments and compliance reporting for senior management and the Board.
Senior SW Compliance Specialist – Regulatory Affairs, Design Assurance
Responsible for regulatory and quality processes at Meridian Bioscience. Supports compliance activities through the product lifecycle in the medical device sector.
Head of Compliance
Compliance professional advising business leaders on regulatory frameworks within a global healthcare context. Leading compliance program enhancements and fostering a culture of ethics across Europe.
Compliance Specialist I
Compliance Specialist supporting projects and managing risks at Grupo Boticário, a leader in the beauty sector. Focused on regulatory change and governance strategies to ensure compliance.
Regulatory Affairs Consultant – Compliance, Process
Regulatory Affairs Consultant focusing on compliance and quality operations in GxP environments for Parexel. Collaborating with cross-functional teams to deliver compliant and efficient business operations.
Senior Vice President, Technical - Clinical Regulatory Affairs
Senior/Vice President, Technical overseeing regulatory strategies for biopharma clinical development. Work from home position with significant impact on patient therapeutic developments.
Governance & Compliance Specialist
Governance & Compliance Specialist driving transformation programs within GRC frameworks for a multinational consulting firm. Operate governance frameworks, manage risks, and support compliance in a fully remote role.
Governance & Compliance Specialist
Governance & Compliance Specialist ensuring delivery within GRC frameworks at fast-growing consulting firm. Responsible for steering transformation and transition programs while maintaining compliance and risk management.
Regional Food Safety Quality Regulatory Lead
Regional Food Safety Quality Regulatory POD Lead providing leadership and compliance for Cargill plants. Partnering with stakeholders for strategy alignment, continuous improvement, and regulatory adherence.
Regulatory Operations Documentation Specialist
Support Regulatory Operations with electronic submission documentation. Focus on document formatting, quality control, and communication archiving with Health Authorities.
Compliance Analyst I, Licensing
Compliance Analyst ensuring Guild Mortgage Company adheres to legal regulations. Supporting compliance management and maintaining licenses with state and federal agencies.