**Description** Ensure compliance maintenance and health by guaranteeing that processes, technologies, and people comply with all applicable security, privacy, legal, and regulatory requirements in the Cloud domain. **Responsibilities and Duties** Manage risks related to the Management System (MS) using a methodology based on industry best practices; Execute control and monitoring of the treatment of registered risks, following the internally defined methodology and market standards; Prepare reports and presentations in accordance with best practices, internal methodologies, and templates; Conduct and measure periodic Security and Privacy awareness activities for Cloud through training sessions, informational materials, interactive exercises with employees and/or other internally defined methods; Develop and maintain up-to-date compliance documentation (including MS maintenance), aligned with market best practices, internal methodologies, and templates; Implement adherence to standards, laws, and regulations by performing periodic analyses and measurements based on market best practices, including logging and monitoring of findings and their resolutions; Lead internal and external audits, coordinating and facilitating interviews between auditors and internal departments, and responding to MS-related requirements; Support Cloud customer audits focused on information security and privacy by providing guidance and evidence per internal processes; Address customer inquiries and questionnaires regarding Cloud security and privacy, handling requests and tickets via official support and communication channels; Execute compliance alignment activities for processes and environments (new or existing) through engagement, guidance, and direction provided to Cloud teams; Provide advisory support to projects from other areas that may impact any security and/or privacy controls, conducting analyses based on industry best practices; Handle departmental requests using service and activity management tools; Review contracts and proposals, assessing the applicability of security and privacy clauses; Document how controls and requirements conform to applicable standards; Assess contractual clauses involving the Cloud area related to Information Security and Privacy, as well as develop terms and other necessary documentation. **Requirements and Qualifications** Brazilian General Data Protection Law (LGPD); General Data Protection Regulation (GDPR) – Fundamental Concepts; Cybersecurity; ISO 27001; ISO 27701; SOC 1; Information Security and/or Privacy Audits; CIS Controls; Cloud Security Alliance; Cloud Services; BACEN Regulations.