Cybersecurity Risk & Compliance Analyst (Senior) ID34575 – São Bernardo do Campo

AgileEngine is one of the Inc. 5000 fastest-growing companies in the U and a top-3 ranked dev shop according to Clutch. We create award-winning custom software solutions that help companies across 15+ industries change the lives of millions

If you like a challenging environment where you’re working with the best and are encouraged to learn and experiment every day, there’s no better place – guaranteed! 🙂

WHAT YOU WILL DO

– Perform regular vulnerability scans across systems and applications; analyze findings and prioritize remediation based on business risk.

– Maintain accurate asset inventories including SBOM/HBOM for core systems.

– Collaborate with IT/DevOps teams to track and validate the remediation of security vulnerabilities.

– Coordinate evidence collection and preparation for external audits (SOC2, HITRUST, PCI DSS), reducing the operational burden on engineering teams.

– Develop and maintain internal security policies and standards aligned with compliance requirements.

– Monitor compliance posture, identify gaps, and support remediation plans.

– Conduct recurring risk assessments to identify security control weaknesses and emerging threats.

– Maintain the organization’s risk register and follow up on mitigation efforts.

– Evaluate risks related to emerging technologies, including Generative AI.

– Support incident response activities and address security inquiries from clients and partners.

– Provide day-to-day guidance on security best practices to internal stakeholders.

MUST HAVE

-4+ years of experience in cybersecurity with a focus on risk management and compliance.

– Strong understanding of vulnerability management and risk assessment methodologies (NIST RMF, ISO 27001).

– Hands-on experience with compliance frameworks (SOC2, HITRUST, PCI DSS).

– Excellent analytical skills and a collaborative approach, especially when working with IT and DevOps teams.

– Upper-Intermediate English level.

NICE TO HAVES

– Familiarity with security tooling for audit automation or asset tracking.

– Experience supporting incident response and customer-facing security assessments.

– Awareness of modern security challenges in the healthcare or SaaS environment.

THE BENEFITS OF JOINING US

– Professional growth

Accelerate your professional journey with mentorship, TechTalks, and personalized growth roadmaps.

– Competitive compensation

We match your ever-growing skills, talent, and contributions with competitive USD-based compensation and budgets for education, fitness, and team activities.

– A selection of exciting projects

Join projects with modern solutions development and top-tier clients that include Fortune 500 enterprises and leading product brands.

– Flextime

Tailor your schedule for an optimal work-life balance, by having the options of working from home and going to the office – whatever makes you the happiest and most productive.

NEXT STEPS AFTER YOU APPLY

The next steps of your journey will be shared via email within a few hours. Please check your inbox regularly and watch for updates from our Internal Applicant site, LaunchPod, which will guide you through the process.