Info on the GRC Senior AnalystWant to get to the next step in your international career?
We can support you!Ubiminds is a GPTW certified, people-first company that partners with American software product companies to scale their development footprint.
Ubi custom-curates Brazilian top 5% talent for their LATAM strategy, offering a unique combo of staff augmentation and employer-of-record services.Ubiminds is assisting a global rating agency established to restore trust in credit ratings and offer accurate and transparent ratings.ChallengeWe are looking for a passionate InfoSec professional to join the client information Security Governance Risk and Compliance (GRC) team.
This position will report to our client Manager of Information Security Compliance under the Chief Information Security Officer.What you'll doOversee the management of the client compliance and continuous monitoring program, including for public sector/federal clients.Lead audits for SOC 2 Type 2, ISO 27001, ISO 27701, Internal Audits, and assist in FedRAMP audits when needed with support from the ISSO.Assist the ISSO in management of the client FedRAMP program, including review and updates to policies and procedures.Document risks and deviations of insufficient policy or control implementation, and coordinate with external teams for remediation.Lead the client Third-Party and supply chain management program.Lead third-party assessments of the client platforms for client audits.Lead and coordinate completion of client assessments, questionnaires, deliverables, and communications.Assist in documentation of the client controls implemented to maintain its compliance program across products and information systems.Provide support to other departments, acting as a Subject Matter Expert regarding compliance, privacy, and standards.In order to succeed in this position, you will need:Mandatory skillsExperience as the lead for SOC 2 Type 2 and ISO 27001 audits.Experience dedicated to Information Security and Compliance.Proactively manage and prioritize team tasks to optimize individual strengths and collective productivity.Comfortable speaking directly with customers' security teams and/or leadership, in a way that appropriately represents the company and security capabilities.Experience with cloud and/or SaaS security best practices.Knowledge of and experience with information security concepts: encryption, application security, identity management, log management, disaster recovery, etc.Experience with Windows, Mac OS X, and familiarity with Linux.Ability to balance multiple complex tasks and quickly prioritize.Nice to haveRelevant certifications such as CISSP or CISA certification, or desire to obtain is a plus.About UbimindsOur CulturePeople First.
We are all about people!Challenge yourself.
There's always room for improvement and continuous improvement is in our essence.Make it happen.
Be ready to take challenges as they come.
It's all about attitude and commitment.We're in this together.
We work as a team, thrive as a team, and evolve as a team.Averaging on awesome.
We work hard to deliver high-quality services and look forward to exceeding expectations.Keep it real.
We promise you honesty, transparency, and openness, regardless of the situation.Perks and BenefitsAs a GRC Senior Analyst@Ubiminds, you:Are placed in a product-based company, with the same treatment as their full-time employees.Have our full back-office support, from career guidance to HR and concierge services.Enjoy our remote-first policy – we are a distributed team, after all.Get your own MacBook (none of that "bring your own device" stuff here).Have access to growth opportunities with other amazing technology professionals, through tech talks, chapter meetings, and even remote happy hours for tons of fun!Improve your English through free lessons with a native English speaker - get to the next level on your communication skills!Candidate Referral bonus (promote Ubi to your tech friends, and get paid for it!
)Miss working in the office?
Our cool Florianópolis headquarters is available, whenever you want, with weekly quick massages & tasty snacks, soft drinks, and games.How our process worksInterview with Tech Recruiter (chat about the job opening and your experiences).Client process (this may vary).Offer (yay).#J-18808-Ljbffr