Security & Grc Analyst

**WHO WE ARE**
- Founded in 2008, Trustly is the global leader in Open Banking Payments, and the U.S. is Trustly’s fastest-growing market. Today we serve 10,000 merchants, connecting them with over 650 million consumers and 7,600 banks in over 30 countries. In 2021, we processed over $20 billion in transaction volume in our global network.

Our digital account-to-account platform redefines the speed, simplicity, and security of payments. Consumers pay for purchases by simply signing into their bank accounts, bypassing the card networks, and never leaving a merchant’s site or app - no credit card numbers or separate account setup necessary. With offices in Vitoria, Brazil, Silicon Valley in the US, and global headquarters in Stockholm, Sweden, we are a culturally diverse team. Across Brazil, we have embraced remote work from home policy.

At Trustly, we believe that inclusion and diversity are essential foundations for building a fair and equitable society. We do not discriminate based on race, religion, ancestry, color, national origin, gender identity, sexual orientation, age, citizenship, marital status, or disability status. Our main goal is to provide a fair, welcoming, diverse environment with opportunities for all collaborators. The stages of our selection process take place online and without distinction of any kind.

It’s a great time to join Trustly as the Americas team is growing fast. If you thrive in an entrepreneurially-minded, fast-paced, casual, professional, positive, and rewarding work environment, check us out

**About the team**:

- The team is responsible for ensuring that all our processes are aligned and working in accordance with internal and external policies and regulations, performing control self-assessment, vendor due diligence and risk assessment tasks on a daily basis, implementing and improving security processes, such as DLP (Data Loss Prevention), SDLC (System Development Life Cycle) and Logical Access Control.

**What you'll do**:

- Identify and assess IT Security and Compliance risks and support the implementation of key controls to mitigate significant risks;
- Support Legal and business teams on reviewing agreements (MSA’s, NDA’s, MNDA’s etc.) with vendors, partners and clients especially concerning data privacy and IT security matters;
- Support BIA (Business Impact Analysis) and BCP (Business Continuity Planning) efforts;
- Support the implementation and improvement of the Incident Response Plan;
- Conduct Security Awareness efforts (Security Awareness Training, Educational material preparation etc.);
- Understand, implement and keep current DLP (Data Loss Prevention) technology and tools;
- Work with threat intelligence partner and help to direct responses to potential findings;
- Understand and work to keep information security policies up to date;
- Perform Control Self Assessment and promptly communicate the Head of IT Security and GRC about control deficiencies found;
- Understand Data Privacy laws, such as the CCPA and GDPR, execute and propose compliance actions;
- During the SOC 2 audit, support the Head of IT Security and GRC on providing the control evidences to the auditor;
- Perform vendor and merchant due diligence and security reviews;
- Automation knowledge and skills (e.g. Python) is an advantage.

**Who you are**:

- Bachelor’s Degree in Computer Sciences, Management, Engineering or related areas;
- Experience in information technology audit/consulting;
- Knowledge of Information Security, Data Protection, Privacy, and Risk Management;
- Knowledge of Cloud Security and Amazon AWS;
- Knowledge of Incident Management and Response, Application Security, DLP, SOC 2;
- Advanced English.

**Our perks and benefits**:

- Bradesco health and dental plan, for you and your dependents, with no co-payment cost
- Life insurance with differentiated coverage
- Meal voucher and supermarket voucher
- Home Office Allowance
- Gympass - Platform that gives access to spaces for physical activities and online classes
- Trustly Club - Discount at educational institutions and partner stores
- Monthly happy hours with iFood coupon - We hire a band to do an exclusive show for us
- English Program - Here you have space to develop your English, and you can choose an Online Platform or English Classes in company
- Extended maternity and paternity leave
- Birthday Off
- Flexible hours/Home Office - our culture is remote-first You can work in every city in Brazil
- Welcome Kit - We work with Apple equipment (Macbook Pro, iPhone) and we send many more treats Spoiler alert: Equipment can be purchased by you according to internal criteria
- Annual premium - As a member of our team, you are eligible to receive an annual bonus, at the company's discretion, based on the achievement of our KPI's.

LIRemote- Check out our Brazil Life page on Linkedin for more details about Brazil, our culture and much more.

At Trustly, we embrace and celebrate diversity of all forms and