IT Compliance Specialist

Job not on LinkedIn

🔥 0 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

LatamCent

WebsiteLinkedInAll Job Openings

11 - 50 employees

Founded 2023

🎯 Recruiter

🤝 B2B

☁️ SaaS

Recruitment • B2B • SaaS

LatamCent is a staffing and recruiting firm that specializes in connecting companies in the USA with top talent from Latin America. They focus on building remote and nearshore teams for various functions including sales, marketing, and IT, leveraging their expertise to help organizations recruit, hire, and retain the top 1% of talent in the region. With a commitment to providing high-quality candidates quickly, LatamCent helps businesses reduce hiring times and costs while enhancing their workforce with skilled professionals.

📋 Description

• Own and maintain the SOC 2 compliance program, including continuous monitoring, audit readiness, evidence collection, and control tracking • Administer Vanta as the primary compliance automation platform, it needs work, and cleaning it up is part of the job; you will have CTO time and a part-time consultant to help you navigate it • Conduct regular access reviews across all systems and ensure documentation is complete and accurate • Facilitate tabletop exercises, scenario-based drills covering events like AWS regional outages, cyber incidents, or availability failures, planning, running, and capturing outcomes • Manage vendor relationships: own the Vanta contract, pentester engagements, and third-party security assessments • Develop, maintain, and improve information security policies, procedures, and documentation • Take ownership of corporate device management across a mixed fleet of macOS, Linux, and Windows machines • Implement centralized MDM controls: encryption, anti-malware, endpoint detection, and remote management across all corporate devices • Establish and enforce a BYOD policy for employees and contractors who use personal hardware for work • Ensure every device is properly enrolled and meets compliance requirements before an employee is operational on day one • Build repeatable onboarding and offboarding processes so access and device controls are never an afterthought • Maintain security hygiene in AWS: IAM roles, Identity Center, GuardDuty, AWS Config, and access reviews • Identify and remediate overly permissive roles, stale credentials, and misconfigured controls • Collaborate with engineers to resolve vulnerabilities and apply patches, you will need strong working relationships with the technical team in Caxias do Sul • Support cloud-related evidence collection for SOC 2 controls • Own IT onboarding and offboarding: provisioning, deprovisioning, and access controls so nothing falls through the cracks • Manage access across Google Workspace, Slack, GitHub, Rippling, AWS Identity Center, and other core tools • Serve as the primary internal IT resource and respond to urgent issues as they arise

🎯 Requirements

• 3+ years of experience in IT, Security, Compliance, or related roles within a SaaS company, startup, or high-growth technology environment • Proven hands-on experience managing SOC 2 Type I and/or Type II compliance programs • Direct experience with Vanta, not just compliance platforms in general, but specifically Vanta, including interpreting findings and driving remediation • Experience managing devices across macOS, Linux, and Windows using MDM solutions such as JumpCloud, Jamf, Kandji, or similar • Working knowledge of AWS security and governance: IAM, Identity Center, GuardDuty, AWS Config, and access best practices • Strong understanding of identity and access management, MFA, encryption, endpoint security, and audit controls • Detail-oriented to a fault, if a control is slightly incomplete or an access review has a gap, you catch it before the auditor does • Professional English communication skills (C1 or higher) for daily collaboration with the US-based CTO and leadership team • Execution-focused and detail-oriented, the CTO and a part-time the consultant will support you, but the day-to-day compliance work needs someone who follows through completely, not someone who needs the work defined for them every step • Comfortable in a fast-moving startup environment where you are the only person whose main job is compliance.

🏖️ Benefits

• Equity package • Flexible PTO policy • Mental health benefits • Fitness allowance • Learning and professional development budget • Home office and workspace allowance