Governance Risk Compliance Officer

Summary

The job is for an IT Risk Management role at dLocal, a global payments processor. The role involves managing various aspects of risk, compliance, and security, including PCI-DSS program participation, data mapping, incident response support, third-party vendor management, disaster recovery planning, security awareness programs, SDLC documentation, and policy maintenance.

Requirements

• Experience and strong working knowledge of IT Governance, Risk and Compliance (GRC)
• The ability to develop and maintain policies, procedures, guides and best practices
• The capacity to drive adoption of policies and procedures across the Company, without slowing us down!
• Familiarity with frameworks such as PCI-DSS, ISO/IEC 27001, SOC (SSAE16), SOX, COBIT, NIST and/or others
• Experience with Data Privacy and Protection regulations and laws like GDPR and LGPD
• Excellent written and spoken English communication skills. Spanish is desirable but not mandatory

Responsibilities

• IT Risk management
• Participate in our PCI-DSS program
• Maintain our Data Mapping
• Retention and Security Classification
• Change Control
• Maintain Incident Response support documentation
• Execute our Third-Party Vendor Management (TPVM) process
• Maintain our Disaster Recovery (DR) plan
• Execute our Security Awareness program
• Maintain our SDLC (Software Development Life Cycle) documentation
• Maintain our Information Technology and Information Security Policies up to date
• Maintain our Access Matrix