Offer summary

Qualifications:

Experience in Security GRC, audit, or risk management., Knowledge of compliance frameworks like PCI-DSS, SOC 1 and 2, BCB 85/21., Strong communication and documentation skills., Interest in cloud security, automation, and AI tools..

Key responsibilities:

Manage and operate the GRC platform, ensuring controls and risks are tracked.

Support audits and control testing, tracking remediation efforts.

Collaborate with engineering, product, and legal teams to map risks and define controls.

Participate in developing automated GRC bots and explore workflow automation.

Job description

About CloudWalk:

We are not just another fintech unicorn. We are a pack of dreamers, makers, and tech enthusiasts building the future of payments. With millions of happy customers and a hunger for innovation, we're now expanding our neural network - literally and metaphorically.

About the Role

CloudWalk is seeking a Security GRC Analyst with experience in risk management, compliance, and audit readiness to join our fast-paced Compliance team.

We’re not looking for a traditional compliance profile — this is a role for someone who wants to bring GRC into the future: automated, integrated, product-aware, and deeply aligned with how modern technology companies operate.

You’ll help us operate and improve our compliance stack (e.g. PCI, SOC 1 and 2, BCB 85/21), manage risks, and contribute to evolving our security bots and agents that power GRC at scale.

At CloudWalk, we build secure systems without slowing things down. GRC is not a blocker — it’s a platform for trust and scale. You'll join a collaborative team that values curiosity, autonomy, and clean execution.

If you want to leave behind the checklist-driven mindset and move toward real GRC-as-code, this is your place.

What You'll Do

Own the operation of our GRC platform and ensure evidence, controls, and risks are tracked and updated

Support internal and external audits (PCI, SOC 1 and 2, BCB 85/21), control testing, and remediation tracking

Map risks, define controls, and partner with teams across Engineering, Product, and Legal

Participate in the evolution of our automated bots that streamline GRC

Explore opportunities to automate and integrate GRC workflows using APIs, scripts, or AI tools

What You'll Need to Succeed

Previous experience in Security GRC, audit, or risk management

Understanding of frameworks such as PCI-DSS, PCI PIN, PCI SSF, PCI MPoC, SOC 1 and 2, ISO 27001, and BCB Resolution 85/21

Excellent communication and documentation skills

Analytical thinking and structured problem-solving

Eagerness to learn about cloud security, automation, and AI-powered bots

Nice to Have

Familiarity with cloud-native environments

Scripting (Python, Go, or Typescript),

API-based integrations

Security automation tools

Model Context Protocol (MCP)

LLM-based systems

Join us at CloudWalk, where we’re not just engineering solutions; we’re building a smarter, AI-driven future for payments—together.

By applying for this position, your data will be processed as per CloudWalk's Privacy Policy that you can read here in Portuguese and here in English.

Required profile