RPE

GRC Specialist – Privacy & Risk Focus

RPE

full-time

Posted on:

Location Type: Remote

Location: Brazil

Visit company website

Explore more

AI Apply
Apply

About the role

  • Serve as the company's technical reference for personal data governance and security risk management.
  • Lead the maintenance of data mapping (ROPA - Record of Processing Activities).
  • Prepare and manage Data Protection Impact Reports (RIPD) / Data Protection Impact Assessments (DPIA).
  • Support the support team in responding to data subject requests.
  • Monitor the effectiveness of data anonymization and data disposal processes.
  • Define guidelines and oversee the implementation of cookie management and privacy preference tools.
  • Develop and deliver training on Privacy and Information Security.
  • Respond to data breach incidents together with the DPO.
  • Prepare the organization for ISO 27001 maintenance audit cycles.

Requirements

  • Bachelor's degree in Information Technology, Information Security, Engineering, Law, or related fields.
  • Practical experience implementing and/or maintaining Privacy programs (LGPD), including preparation of ROPA, RIPD/DPIA and handling data subject rights.
  • Knowledge of ISO 27001 (focus on controls and audit processes).
  • Organized, autonomous profile with strong communication skills to deliver training and enforce deadlines.
  • Privacy certifications: CDPO, CIPP/E, CIPM (IAPP) or EXIN.
  • ISO 27001 Internal Auditor or Lead Auditor certification.
  • Experience with privacy management tools (e.g., OneTrust).
  • Previous experience in technology companies, payments, or the financial sector is a plus.
Benefits
  • Collaborative and innovative work environment.
  • Contract type: PJ (independent contractor).
  • Remote work model.
  • Opportunity to work at a leading company in the Retail Tech segment.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
data governancesecurity risk managementdata mappingRecord of Processing Activities (ROPA)Data Protection Impact Reports (RIPD)Data Protection Impact Assessments (DPIA)data anonymizationdata disposal processescookie managementprivacy preference tools
Soft skills
strong communication skillsorganizational skillsautonomous profile
Certifications
Bachelor's degreeCDPOCIPP/ECIPM (IAPP)ISO 27001 Internal AuditorISO 27001 Lead Auditor