Security & Compliance Specialist

🗣️🇧🇷🇵🇹 Portuguese Required

Nutrium

11 - 50 employees

Founded 2015

☁️ SaaS

🧘 Wellness

🤝 B2B

Nutrium is a technology company that provides a software platform to support dietitians and organizations in delivering personalized, human-led nutrition care. Their tools enable nutrition professionals to manage clients, create individualized nutrition plans, and scale 1:1 nutrition services; the platform is used by dietitians across 90+ countries and is offered to companies as part of workplace or clinical solutions. Nutrium operates as a remote-first, product-driven team focused on improving wellbeing through accessible, evidence-informed nutrition services.

📋 Description

• Own compliance execution across Nutrium's security and privacy frameworks (ISO 27001, ISO 27701, SOC 2, ISO 9001, HIPAA, and GDPR)
• Manage Nutrium's GRC platform end to end: controls, evidence, tasks, audits, and remediation plans
• Prepare for and support internal and external audits, from scoping to evidence collection
• Maintain and improve internal policies, procedures, controls, and compliance documentation
• Partner with internal teams (Engineering, Legal and Operations) and external consultants to turn requirements into practical implementation
• Respond to security questionnaires and due diligence requests from prospects and clients
• Support meetings with national and international clients on security, privacy, compliance, and data flows
• Provide operational legal support when needed

🎯 Requirements

• Hold a degree in Law, Information Security, Cybersecurity, Data Protection, or a related field (a degree from NOVA IMS is a plus!)
• Have 1-3 years of experience in compliance, legal operations, privacy, risk, governance or a similar area, ideally in a regulated environment (healthcare, SaaS or fintech is a plus!)
• Have hands-on experience with at least one major framework (ISO 27001, SOC 2, or GDPR), and familiarity with the others
• Have experience working with GRC platforms to manage controls, evidence and audit cycles (nice to have)
• Are highly organized, structured and detail-oriented, with strong ownership over follow-ups and deadlines
• Bring exposure to HIPAA or health-data privacy, or hold a relevant certification (ISO 27001 Lead Implementer or Auditor, CIPP, CISA), or are working towards one
• Thrive in a fast-moving scale-up where processes are still being built
• Are comfortable preparing for and supporting internal and external audits
• Have experience responding to client security questionnaires and due diligence requests
• Thrive in collaborative environments and enjoy working with cross-functional teams and external consultants
• Are fluent in Portuguese and English (additional languages are a plus)

🏖️ Benefits

• A flexible work model and hours
• 27 days of annual leave
• Unlimited nutritional appointments (via Nutrium Care)
• Unlimited psychology sessions
• Health insurance
• Meal allowance: 10,46€ per working day
• Professional development budget
• Snacks and good coffee in the offices
• A multicultural team that enjoys spending time together, not just while working, but also through team activities, social events, and our annual offsite
