GRC Consultant responsible for implementing Governance, Risk, and Compliance projects at Redbelt Security. Assessing processes and controls for cybersecurity and continuous improvement.
Responsibilities
Support the team in leading projects, processes, and monitoring the GRC area's KPIs and KRIs to improve perceived value for Redbelt Security's investors, clients, and commercial partners.
Implement GRC projects for Redbelt Security clients by conducting comprehensive assessments of existing governance, risk, and compliance processes, policies, and controls related to cybersecurity; provide strategic improvement recommendations addressing technology and process controls, as well as training and capacity-building programs for personnel to maximize the effectiveness of controls within the client's corporate cybersecurity framework.
Work on Redbelt Security's internal projects by performing comprehensive assessments of existing governance, risk, and compliance processes, policies, and controls related to cybersecurity; propose strategic improvement recommendations covering technology and process controls, and develop training programs for staff to maximize the effectiveness of controls within Redbelt Security's corporate cybersecurity framework.
Support Redbelt Security internal areas with GRC-related requests by participating in meetings, reviewing documentation, and providing technical GRC opinions aimed at aligning with market best practices, legal/regulatory requirements, and internationally recognized frameworks.
Continuously monitor publications of new regulations, frameworks, laws, and industry best practices related to GRC services to recommend updates to the product portfolio and keep it up to date.
Draft Redbelt Security policies and standards focused on Information Security to standardize processes and mitigate risks that those processes expose the company to.
Requirements
Bachelor's degree in Business Administration, Engineering, Technology, or Information Security.
Knowledge of industry frameworks such as, but not limited to, ITIL, COBIT, NIST, ISO 27000 series, ISO 22301, ISA/IEC 62443.
Familiarity with Cyber Risk Assessment, Business Continuity Plan (BCP), Incident Response Plan, Tabletop Exercises, Privacy and Data Protection, and Cybersecurity.
Knowledge of Information Technology (IT) and Operational Technology (OT) environments.
Preferred certifications in IT Governance (ISO 38500), Risk Management (ISO 31000), or Compliance (ISO 37301).
Benefits
Meal allowance (iFood Benefícios card) — no employee contribution;
Food allowance (iFood Benefícios card) — no employee contribution;
Transportation voucher — as required by law;
Medical assistance/health insurance — no copayment and no employee contribution;
Dental assistance/dental insurance — no copayment and no employee contribution;
Well-being: Wellhub and Totalpass;
Group life insurance;
Piwi support;
Starbem: healthtech platform for care;
Avus: health benefits platform;
Childcare assistance;
Assistance for dependents with special needs;
Company Citizen program: extended maternity and paternity leave;
Day off on your birthday;
Redbelt Referral Program: your referral matters;
Redbelt School: educational sponsorship for courses and certifications;
Redbelt Celebra: tenure awards;
Agreement with SESC;
Partnerships with educational and language institutions for discounts;
PLR (profit-sharing): subject to achievement of company targets.
Head of Compliance at Compass managing enterprise risk, information security, and multi-jurisdictional regulatory compliance. Building compliance frameworks in an exciting high-growth SaaS environment.
Regional Regulatory Lead overseeing EUCAN regulatory strategy for pharmaceutical projects and products. Planning submissions, coordinating meetings, and collaborating with regulatory authorities.
Manager Regulatory Affair at Capgemini Engineering coordinating activities for the US market. Preparing submissions to the FDA and collaborating with internal teams for regulatory compliance.
Engineer IT Compliance responsible for compliance activities in regulated IT systems. Building partnerships with IT functions and ensuring regulatory alignment in the pharmaceutical industry.
Regulatory Affairs Associate for managing new drug registrations and preparing documentation in the India Market. Collaborating with stakeholders and supporting compliance in bulk drug registration.
Senior Tech Compliance Analyst at Syneos Health responsible for global Technology Disaster Recovery efforts, collaborating with various teams and service providers.
Chief Nuclear Officer serving as the nuclear safety authority for BaRupOn's SMR/MMR programs. Establishing safety frameworks and ensuring regulatory compliance within the organization.
International Trade Compliance Manager overseeing compliance with international trade regulations at Northrop Grumman. Leading a team and managing compliance initiatives across multiple locations in the US.
Compliance Manager leading Autodesk's Enterprise Compliance program. Ensuring compliance with SOX, PCI regulations and overseeing security controls across teams.
Compliance Student supporting compliance and risk management activities for individual insurance at iA Financial Group. Involves monitoring processes, collaborating with teams, and assisting with compliance tasks.