CareersJobsData

GRC Analyst

GRC Analyst

Data

Governance

São Paulo, SP

Remote

SHARE

Why join us

TRACTIAN is transforming the industrial world by empowering frontline maintenance workers to achieve more. We’ve fused cutting-edge hardware with innovative software into one powerful platform, disrupting legacy systems and delivering smarter, faster solutions for our clients.

At TRACTIAN, you'll break boundaries, question convention, and collaborate with top talent to drive real change. As a part of our growth-stage startup, you’ll work alongside the founders, shaping the vision, products, and experiences that will define the future of industrial tech.

Governance at TRACTIAN

The Governance team ensures that data across TRACTIAN is managed effectively, with a focus on accuracy, consistency, and compliance. This department establishes policies and procedures that define how data is handled, ensuring that it is accessible to the right people and used appropriately. Data Governance is responsible for maintaining data quality and integrity, enforcing regulatory compliance, and making sure that all data processes align with both internal and external standards, allowing TRACTIAN to operate efficiently and ethically.


What you'll do

As a GRC Analyst, your primary responsibility will be to ensure the company’s adherence to governance, risk, and compliance standards. You will conduct thorough assessments, identify potential risks, and implement strategies to mitigate them. Your work will directly contribute to strengthening our risk management framework, ensuring regulatory compliance, and enhancing internal controls through detailed analysis and proactive risk identification.

Responsibilities

  • Perform Business Impact Analysis (BIA), mapping processes and identifying RTO and RPO.

  • Map processes and identify risks, creating and implementing action plans.

  • Update internal policies and procedures for BCP and Disaster Recovery.

  • Collaborate with other departments to create and modify operational processes and agreements and execute actions from action plans.

  • Conduct and document regular tests for recovery and continuity plans (disaster recovery exercise, backup & data recovery, etc.).

  • Implement improvements and corrections stemming from audits and assessments.

  • Monitor and conduct assessments to ensure the effectiveness of internal controls.

  • Implement privacy controls following the company’s governance guidelines and LGPD, GDPR, and CCPA regulations.

  • Assist in the continuous improvement of compliance with ISO 27001, 27002, 22301, and 22313 standards.

Requirements

  • Background in IT, auditing, compliance, and quality.

  • Experience with ISO 27001, 27002, 22301, and 22313 standards.

  • Strong knowledge of LGPD, GDPR, and CCPA.

  • Hands-on experience in executing action plans and implementing controls.

  • Advanced English proficiency.

COMPENSATION

  • • Competitive salary and stock options

  • • Optional fully funded English / Spanish courses

  • • 30 days of paid annual leave

  • • Education and courses stipend

  • • Earn a trip anywhere in the world every 4 years

  • • Day off during the week of your birthday

  • • Up to R$1.000/mo for meals and remote work allowance

  • • Health plan with national coverage and without coparticipation

  • • Dental Insurance: we help you with dental treatment for a better quality of life.

  • • Gympass and Sports Incentive: R$300/mo extra if you practice activities

I want to apply

If you want to build a ship, don't organize people to collect wood, assign them tasks, and give orders. Instead, teach them to long for the vast and endless sea.

Antoine Saint-Exupery