VTEX is seeking an IT Compliance Sr. Analyst who thrives in a fast-paced, collaborative environment and will be responsible for helping the internal control manager coordinate and maintain our compliance program.ABOUT THE ROLEVTEX is seeking an IT Compliance Sr. Analyst who thrives in a fast-paced, collaborative environment and will be responsible for helping the internal control manager coordinate and maintain our compliance program.ABOUT THE TEAMThe VTEX Compliance team is responsible for the areas of Governance, Risks, Internal Controls, Compliance, and Regulations. Its primary scope is to provide risk information and mitigation to comply with local and international legislation and governance best practices. In addition, it is the responsibility of this team to act actively to implement the ERM, SOx 404 and specific certifications related to the IT environment like SOC Report, PCI, ISO27001, S2, FedRAMP and others that can be applied in the near future.WHAT YOU WILL DODesign/test internal technology and cyber controls, identifying weaknesses or opportunities for improvement in internal controls;Build/update technological process narratives detailing the flow of executed activities;Identify improvement points in technology processes (Access management, change and development management, IT and Cyber operations management) and assist IT Compliance managers in implementing controls within VTEX areas;Conduct internal communications with the main areas involved in the internal control environment and information security;Conduct independent internal tests in the technology control environment from the perspective of major frameworks such as COSO, COBIT, and NIST;Perform impact assessments for any deficiencies identified in internal controls;Conduct quality reviews of tests carried out internally or with the use of consulting services in the internal control environment;Collect evidence and govern the independent internal testing process;Lead the SOC certification process together with the consulting firm responsible for conducting the evaluation at VTEX.WHO YOU AREYou are based in Rio de Janeiro with availability to go to the office once a week – this is a hybrid position.Upper-intermediate English to write, read, and communicate (will be tested);Bachelor’s Degree in Engineering / Information Technology / Computer Science or related field;Knowledge of mapping and understanding the process chain, including mapping the processes in an end-to-end way;Someone with proven experience within IT department, internal audit positions, internal controls and others related;Experience from Big4 is a plus;Experience in applying PCAOB standards, and adherence to SOx 404 regulations;Knowledge about SOC Report (ISAE 3402), ISO27001, Cobit framework;Ability to communicate and influence a range of different internal and external stakeholders and can flex their style based on the audience;Demonstrated ability to work with a certain level of autonomy, handle multiple priorities, and meet deadlines in a fast-paced environment.
#J-18808-Ljbffr