Compliance Specialist

• Manage and ensure the organization’s compliance with applicable standards, certifications, and laws related to data privacy (e.g., GDPR) and cybersecurity (e.g., NIS2, CRA, ISO 27001).
  
• Serve as the primary point of contact for all compliance-related issues, liaising with internal teams, external auditors, and regulatory bodies.
  
• Promote and foster organizational awareness of cybersecurity and data privacy requirements through training, communication, and engagement initiatives.
  
• Conduct regular assessments and audits to identify compliance gaps and implement corrective actions.
  
• Collaborate with IT and network teams to support the implementation of secure systems and infrastructure aligned with compliance requirements.
  
• Develop and maintain documentation, policies, and procedures to support compliance efforts.Monitor changes in regulatory frameworks and standards, ensuring the organization adapts to new requirements in a timely manner.
  

Requirements

• Proven expertise in compliance, with a strong understanding of cybersecurity and data privacy regulations.
  
• Specialist knowledge of ISO 27001 standards and implementation.
  
• In-depth understanding of the NIS2 Directive and its application to organizational cybersecurity.
  
• Expertise in the Cyber Resilience Act (CRA) and its implications for systems and infrastructure.
  
• Experience ensuring compliance with data privacy regulations, such as GDPR.
  
• Bachelor’s degree in Information Systems, Cybersecurity, Law, or a related field (or equivalent professional experience).
  
• Strong knowledge of information systems, networks, and infrastructure management in the context of cybersecurity.
  

• Ability to conduct compliance audits and gap analyses for ISO 27001, NIS2, CRA, and GDPR.
  
• Familiarity with risk assessment methodologies and tools for cybersecurity and data privacy.
  
• Proficiency in developing and implementing policies, procedures, and training programs related to compliance.
  
• Experience working with cross-functional teams to integrate compliance requirements into IT and network operations.
  

• Good Communication: Ability to clearly articulate complex compliance requirements to diverse audiences, including technical and non-technical stakeholders.
  
• Cordiality and Professionalism: Maintain a courteous and professional demeanor in all interactions, fostering trust and collaboration.
  
• Making It Happen: Proactive and results-driven approach to achieving compliance goals and resolving challenges.
  
• Commitment: Strong dedication to upholding the organization’s compliance standards and protecting its data and systems.
  

• Fluency in English (written and verbal) is mandatory; proficiency in [insert other relevant language, e.g., Portuguese, if applicable] is a plus.
  
• Ability to work independently and collaboratively in a dynamic, fast-paced environment.
  
• Strong organizational skills and attention to detail, with the ability to manage multiple priorities and deadlines.