Attorney – Privacy Governance, ECA Digital

Arco Educação

Senior Analyst in Privacy Governance at Arco Educação managing KPIs and metrics. Requires extensive knowledge in security frameworks and privacy regulations.

Posted 6/1/2026full-timeRemote • 🇧🇷 BrazilMid-LevelSeniorWebsite

Tech Stack

Tools & technologies

Grafana

About the role

Key responsibilities & impact

KPI and Process Improvement Management: Develop, update and continuously monitor the area’s KPIs, KRs and KRIs, focusing on incidents, vulnerability remediation and third‑party compliance;
Review and Escalation: Act as the technical review point for deliveries from other analysts, using critical thinking to identify blockers and perform accurate escalations to the coordination team;
Executive Communication and Storytelling: Create high‑impact executive presentations that tell a clear story about security posture and progress toward the 2026 objectives;
AI and Emerging Technologies Governance: Support the coordination team in applying frameworks (ISO 42001, NIST AI RMF) to AI projects, ensuring innovation is ethical and secure;
Privacy and ECA Digital: Ensure processes comply with the ECA Digital and LGPD, supporting Privacy by Design monitoring for new products and services;
Visibility: Master building dashboards in Looker, Power BI or Grafana to translate maturity and risks into actionable, real‑time data;
360° Risk Management: Prepare and defend risk analyses connecting technical failures (e.g., vulnerability backlog) to real business impacts.

Requirements

What you’ll need

Senior experience in GRC with a focus on Information Security: Strong command of frameworks (NIST CSF, CIS Controls, ISO 27001/27002/27005/29134);
Proficiency with Visualization Tools: Advanced hands‑on experience with Looker, Power BI, Grafana or similar tools for indicator management;
Privacy Knowledge: Solid understanding of LGPD, knowledge of ECA Digital requirements and AI governance principles;
Metrics Management: Experience defining and tracking KRs and KRIs within Information Security structures;
Synthesis Ability: Exceptional skill in creating executive presentations for leadership forums and committees;
Knowledge of Security Best Practices: Understanding of Security by Design concepts, vulnerability management and incident response;
Critical Thinking: Ability to analyze data and identify what truly needs to be reported or remediated;
Organization and Accountability: Rigorous discipline to keep KPI controls up to date and to drive progress from the team’s analysts;
Systemic View: Understand how a delay in a vulnerability fix impacts the global resilience KR;
Influence and Stakeholder Management: Ability to guide colleagues and build trust with cross‑functional partners.

Benefits

Comp & perks

Meal allowance and/or food voucher
Health and dental insurance
Transportation allowance
Enhanced maternity and paternity leave
Childcare assistance
Health & wellbeing support: partnerships with Wellhub and Zenklub
Education support/incentives
Discounted airline tickets
Partnered pet health insurance
Access to Arco educational materials for employees’ children
Partnerships for MBA and postgraduate programs

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

KPI managementKRI managementvulnerability remediationrisk analysisinformation security frameworkssecurity best practicesincident responsemetrics managementprivacy by designAI governance

Soft Skills

critical thinkingexecutive communicationstorytellingsynthesis abilityorganizationaccountabilityinfluencestakeholder management