IT & Compliance Specialist

LatamCent · Remote

About the Role

We're looking for an experienced IT & Compliance Specialist to own and scale the company's security compliance program while managing internal IT operations. This is a high-impact role responsible for maintaining SOC 2 compliance, strengthening security controls, and ensuring internal systems remain secure and audit-ready.

You will work closely with Engineering, Operations, and Leadership, serving as the primary owner of compliance initiatives and day-to-day IT operations. You will be supported by the CTO and a part-time consultant who brings deep SOC 2 and MDM expertise, but the day-to-day ownership is yours.

The compliance program is already in place. What we need is someone to take it seriously, stay on top of it, and make sure nothing slips. If anything being slightly out of place genuinely bothers you, you will fit right in here.

Key Responsibilities

SOC 2 Compliance (Primary Priority)

  • Own and maintain the SOC 2 compliance program, including continuous monitoring, audit readiness, evidence collection, and control tracking

  • Administer Vanta as the primary compliance automation platform. It needs work, and cleaning it up is part of the job; you will have CTO time and a part-time consultant to help you navigate it

  • Conduct regular access reviews across all systems and ensure documentation is complete and accurate

  • Facilitate tabletop exercises (scenario-based drills covering events like AWS regional outages, cyber incidents, or availability failures): plan them, run them, and capture outcomes

  • Manage vendor relationships: own the Vanta contract, pentester engagements, and third-party security assessments

  • Develop, maintain, and improve information security policies, procedures, and documentation

Device Fleet & MDM

  • Take ownership of corporate device management across a mixed fleet of macOS, Linux (Ubuntu and variants), and Windows machines

  • Implement centralized MDM controls: encryption, anti-malware, endpoint detection, and remote management across all corporate devices

  • Establish and enforce a BYOD policy for employees and contractors who use personal hardware for work

  • Ensure every device is properly enrolled and meets compliance requirements before an employee is operational on day one

  • Build repeatable onboarding and offboarding processes so access and device controls are never an afterthought

Cloud & AWS Compliance

  • Maintain security hygiene in AWS: IAM roles, Identity Center, GuardDuty, AWS Config, and access reviews

  • Identify and remediate overly permissive roles, stale credentials, and misconfigured controls

  • Collaborate with engineers to resolve vulnerabilities and apply patches; you will need strong working relationships with the technical team in Caxias do Sul

  • Support cloud-related evidence collection for SOC 2 controls

IT Operations & Access Management

  • Own IT onboarding and offboarding: provisioning, deprovisioning, and access controls so nothing falls through the cracks

  • Manage access across Google Workspace, Slack, GitHub, Rippling, AWS Identity Center, and other core tools

  • Serve as the primary internal IT resource and respond to urgent issues as they arise

Requirements

  • 3+ years of experience in IT, Security, Compliance, or related roles within a SaaS company, startup, or high-growth technology environment

  • Proven hands-on experience managing SOC 2 Type I and/or Type II compliance programs

  • Direct experience with Vanta (not just compliance platforms in general, but specifically Vanta), including interpreting findings and driving remediation

  • Experience managing devices across macOS, Linux, and Windows using MDM solutions such as JumpCloud, Jamf, Kandji, or similar

  • Working knowledge of AWS security and governance: IAM, Identity Center, GuardDuty, AWS Config, and access best practices

  • Strong understanding of identity and access management, MFA, encryption, endpoint security, and audit controls

  • Detail-oriented to a fault: if a control is slightly incomplete or an access review has a gap, you catch it before the auditor does

  • Professional English communication skills (C1 or higher) for daily collaboration with the US-based CTO and leadership team

  • Execution-focused and detail-oriented: the CTO and a part-time consultant will support you, but the day-to-day compliance work needs someone who follows through completely, not someone who needs the work defined for them every step

  • Comfortable in a fast-moving startup environment where you are the only person whose main job is compliance

Preferred Qualifications

  • Scripting experience (Python preferred) for automating compliance checks, IT workflows, or ITSM-style processes (we use Linear, not Jira, but the mindset is the same)

  • Experience with AI tools such as Claude or ChatGPT applied to real compliance or IT operations workflows

  • Familiarity with tools in our stack: Google Workspace, Slack, GitHub, Rippling, Linear, AWS Identity Center

  • Some experience owning vendor contracts or working directly with pentesters and external security assessors

  • Prior experience working with or at a US-headquartered company with a Brazilian engineering team

  • Certifications such as CompTIA Security+, AWS Security, or SOC 2-related credentials are a plus but not required

Success in the First 3–6 Months

First 60 Days

  • Every open finding in Vanta has a clear owner and remediation timeline

  • The device fleet is fully inventoried: what is enrolled, what is not, and what needs to happen

  • You have built working relationships with the technical team in Caxias do Sul and know who to go to when vulnerabilities need patching

  • The top AWS hygiene issues are identified and a remediation plan is presented to the CTO

Six Months In

  • SOC 2 evidence is gathered continuously, not assembled in a panic before an audit

  • Every corporate device is enrolled in MDM with encryption, anti-malware, and remote management in place

  • A BYOD policy exists and is actively followed

  • Access reviews happen on schedule with clean documentation

  • At least one tabletop exercise has been facilitated and the team knows how to respond to a real incident

Compensation & Logistics

  • Hybrid role based in Rio Grande do Sul, Brazil; Caxias do Sul strongly preferred, with Porto Alegre and surrounding areas also welcome

  • Travel to Caxias do Sul is expected, especially in the first months; occasional travel to Rio de Janeiro may also be required

  • Significant overlap with US Pacific Time hours for daily collaboration with the CTO and leadership

  • Equity package

  • Flexible PTO policy

  • Mental health benefits

  • Fitness allowance

  • Learning and professional development budget

  • Home office and workspace allowance

Company Overview

Our client is an AI-powered demo engineering platform that helps software companies run live, hands-on sandboxes and demos for enterprise buyers. We recently closed our Series A and launched three new products: a Data Generator for realistic synthetic data, a Surface Editor for instant demo personalization, and a Sandbox Copilot, a 24/7 AI Sales Engineer embedded inside every sandbox.


Job description created by latamcent.com, a nearshore staffing agency.
