IT & Compliance Specialist

External
Latamcent · Brazil
$48K–$66K/yr · Full-time · Remote · 1d ago
AWS · Compliance · Documentation · Encryption · GitHub · IAM

About the role

We're looking for an experienced IT & Compliance Specialist to own and scale our security compliance program while managing internal IT operations. You'll work closely with Engineering, Operations, and Leadership, supported by the CTO and a part-time consultant with deep SOC 2 and MDM expertise, but day-to-day ownership is yours.

Responsibilities

  • SOC 2 Compliance (Primary Priority)
      • Own and maintain the SOC 2 compliance program: continuous monitoring, audit readiness, evidence collection, and control tracking
      • Administer Vanta as the primary compliance automation platform; it needs work, and cleaning it up is part of the job
      • Conduct regular access reviews and ensure documentation is complete and accurate
      • Facilitate tabletop exercises covering scenarios like AWS outages, cyber incidents, and availability failures
      • Manage vendor relationships: Vanta contract, pentester engagements, and third-party security assessments
      • Develop, maintain, and improve information security policies, procedures, and documentation
  • Device Fleet & MDM
      • Own corporate device management across a mixed fleet of macOS, Linux, and Windows machines
      • Implement centralized MDM controls: encryption, anti-malware, endpoint detection, and remote management
      • Establish and enforce a BYOD policy for employees and contractors using personal hardware
      • Build repeatable onboarding and offboarding processes so device and access controls are never an afterthought
  • Cloud & AWS Compliance
      • Maintain AWS security hygiene: IAM roles, Identity Center, GuardDuty, AWS Config, and access reviews
      • Identify and remediate overly permissive roles, stale credentials, and misconfigured controls
      • Collaborate with the technical team in Caxias do Sul to resolve vulnerabilities and apply patches
      • Support cloud-related evidence collection for SOC 2 controls
  • IT Operations & Access Management
      • Own IT onboarding and offboarding: provisioning, deprovisioning, and access controls
      • Manage access across Google Workspace, Slack, GitHub, Rippling, AWS Identity Center, and other core tools
      • Serve as the primary internal IT resource and respond to urgent issues as they arise

Requirements

  • 3+ years in IT, Security, Compliance, or related roles within a SaaS or high-growth tech environment
  • Proven hands-on experience managing SOC 2 Type I and/or Type II programs
  • Direct experience with Vanta, including interpreting findings and driving remediation
  • Experience managing devices across macOS, Linux, and Windows using MDM tools such as JumpCloud, Jamf, Kandji, or similar
  • Working knowledge of AWS security: IAM, Identity Center, GuardDuty, AWS Config, and access best practices
  • Strong understanding of identity and access management, MFA, encryption, endpoint security, and audit controls
  • C1+ English for daily collaboration with the US-based CTO and leadership
  • Execution-focused: the CTO and consultant will support you, but the day-to-day needs someone who follows through without being managed step by step
  • Scripting experience (Python preferred) for automating compliance checks or IT workflows
  • Experience with AI tools such as Claude or ChatGPT applied to compliance or IT operations
  • Familiarity with our stack: Google Workspace, Slack, GitHub, Rippling, Linear, AWS Identity Center
  • Experience owning vendor contracts or working with pentesters and external assessors
  • Prior experience working with or at a US-headquartered company with a Brazilian engineering team
  • Certifications such as CompTIA Security+, AWS Security, or SOC 2-related credentials are a plus

Success in the First 3-6 Months

  • First 60 Days
      • Every open finding in Vanta has a clear owner and remediation timeline
      • The device fleet is fully inventoried: what's enrolled, what's not, what needs to happen
      • Working relationships built with the technical team in Caxias do Sul
      • Top AWS hygiene issues identified and a remediation plan presented to the CTO
  • Six Months In
      • SOC 2 evidence gathered continuously, not assembled in a panic before an audit
      • Every corporate device enrolled in MDM with encryption, anti-malware, and remote management
      • A BYOD policy exists and is actively followed
      • Access reviews happen on schedule with clean documentation
      • At least one tabletop exercise facilitated and the team knows how to respond to a real incident

Compensation & Logistics

  • Hybrid role based in Rio Grande do Sul
  • Travel to Caxias do Sul expected, especially in the first months; occasional travel to Rio de Janeiro may also be required
  • Significant overlap with US Pacific Time for daily collaboration with the CTO and leadership
  • Equity package, flexible PTO, mental health benefits, fitness allowance, learning budget, and home office allowance

Company Overview

Our client is an AI-powered demo engineering platform that helps software companies run live, hands-on sandboxes and demos for enterprise buyers. We recently closed our Series A and launched three new products: a Data Generator for realistic synthetic

Benefits

  • Health insurance
  • Vision insurance
  • Paid time off
  • Remote work options
  • Flexible schedule
  • Equity / stock options

Interested in this role?

Apply on the company's website.