IT & Compliance Specialist

latamcent

Brazil | full-time | Posted 0 day(s) ago

Salary: $0-$0 / yr

Region: Brazil

Start Date: ASAP

ABOUT THE ROLE

We're looking for an experienced IT & Compliance Specialist to own and scale our security compliance program while managing internal IT operations. You'll work closely with Engineering, Operations, and Leadership, supported by the CTO and a part-time consultant with deep SOC 2 and MDM expertise, but day-to-day ownership is yours.

KEY RESPONSIBILITIES

SOC 2 COMPLIANCE (PRIMARY PRIORITY)

  • Own and maintain the SOC 2 compliance program: continuous monitoring, audit readiness, evidence collection, and control tracking

  • Administer Vanta as the primary compliance automation platform; it needs work, and cleaning it up is part of the job

  • Conduct regular access reviews and ensure documentation is complete and accurate

  • Facilitate tabletop exercises covering scenarios like AWS outages, cyber incidents, and availability failures

  • Manage vendor relationships: Vanta contract, pentester engagements, and third-party security assessments

  • Develop, maintain, and improve information security policies, procedures, and documentation

Device Fleet & MDM

  • Own corporate device management across a mixed fleet of macOS, Linux, and Windows machines

  • Implement centralized MDM controls: encryption, anti-malware, endpoint detection, and remote management

  • Establish and enforce a BYOD policy for employees and contractors using personal hardware

  • Build repeatable onboarding and offboarding processes so device and access controls are never an afterthought

Cloud & AWS Compliance

  • Maintain AWS security hygiene: IAM roles, Identity Center, GuardDuty, AWS Config, and access reviews

  • Identify and remediate overly permissive roles, stale credentials, and misconfigured controls

  • Collaborate with the technical team in Caxias do Sul to resolve vulnerabilities and apply patches

  • Support cloud-related evidence collection for SOC 2 controls

IT Operations & Access Management

  • Own IT onboarding and offboarding: provisioning, deprovisioning, and access controls

  • Manage access across Google Workspace, Slack, GitHub, Rippling, AWS Identity Center, and other core tools

  • Serve as the primary internal IT resource and respond to urgent issues as they arise

REQUIREMENTS

  • 3+ years in IT, Security, Compliance, or related roles within a SaaS or high-growth tech environment

  • Proven hands-on experience managing SOC 2 Type I and/or Type II programs

  • Direct experience with Vanta, including interpreting findings and driving remediation

  • Experience managing devices across macOS, Linux, and Windows using MDM tools such as JumpCloud, Jamf, Kandji, or similar

  • Working knowledge of AWS security: IAM, Identity Center, GuardDuty, AWS Config, and access best practices

  • Strong understanding of identity and access management, MFA, encryption, endpoint security, and audit controls

  • C1+ English for daily collaboration with the US-based CTO and leadership

  • Execution-focused: the CTO and consultant will support you, but the day-to-day needs someone who follows through without being managed step by step

PREFERRED QUALIFICATIONS

  • Scripting experience (Python preferred) for automating compliance checks or IT workflows

  • Experience with AI tools such as Claude or ChatGPT applied to compliance or IT operations

  • Familiarity with our stack: Google Workspace, Slack, GitHub, Rippling, Linear, AWS Identity Center

  • Experience owning vendor contracts or working with pentesters and external assessors

  • Prior experience working with or at a US-headquartered company with a Brazilian engineering team

  • Certifications such as CompTIA Security+, AWS Security, or SOC 2-related credentials are a plus

SUCCESS IN THE FIRST 3–6 MONTHS

First 60 Days

  • Every open finding in Vanta has a clear owner and remediation timeline

  • The device fleet is fully inventoried: what's enrolled, what's not, what needs to happen

  • Working relationships built with the technical team in Caxias do Sul

  • Top AWS hygiene issues identified and a remediation plan presented to the CTO

Six Months In

  • SOC 2 evidence gathered continuously, not assembled in a panic before an audit

  • Every corporate device enrolled in MDM with encryption, anti-malware, and remote management

  • A BYOD policy exists and is actively followed

  • Access reviews happen on schedule with clean documentation

  • At least one tabletop exercise facilitated and the team knows how to respond to a real incident

COMPENSATION & LOGISTICS

  • Hybrid role based in Rio Grande do Sul

  • Travel to Caxias do Sul expected, especially in the first months; occasional travel to Rio de Janeiro may also be required

  • Significant overlap with US Pacific Time for daily collaboration with the CTO and leadership

  • Equity package, flexible PTO, mental health benefits, fitness allowance, learning budget, and home office allowance

COMPANY OVERVIEW

Our client is an AI-powered demo engineering platform that helps software companies run live, hands-on sandboxes and demos for enterprise buyers. We recently closed our Series A and launched three new products: a Data Generator for realistic synthetic data, a Surface Editor for instant demo personalization, and a Sandbox Copilot, a 24/7 AI Sales Engineer embedded inside every sandbox.

Job description created by latamcent.com (http://latamcent.com), a nearshore staffing agency.
