Information Security Coordinator (GRC)

Description

Job Summary: We are seeking a professional passionate about education and technology to serve as a GRC reference, coordinating the evolution of information security and compliance. Key Highlights: 1. Serve as a reference in GRC, technology, and cybersecurity. 2. Lead the implementation and evolution of frameworks and standards (ISO 27001, LGPD). 3. Coordinate IT and cybersecurity risk management. We are looking for people who are **passionate** about **education** and **technology**! We want you to thrive in an environment that demands the integration of **multiple competencies**, **experiences**, and a **results-oriented focus**, enabling us to leave our legacy in the world. If you, like us, are passionate about education and technology, UOL EdTech is the place for you! **Check out this opportunity and join us as \#EdTecher!** **Responsibilities and Duties** * Serve as a reference and coordinator for GRC applied to Technology and Cybersecurity, ensuring the advancement of maturity in Information Security, Risk Management, and Compliance. * Lead the implementation and evolution of frameworks and standards (ISO 27001/27002, SOC 2, NIST, CIS Controls, and LGPD), ensuring regulatory compliance and alignment with the risk strategy. * Coordinate IT and Cybersecurity risk management, including identification, assessment, treatment, monitoring, and executive reporting, integrated into the Corporate Risk Program. * Conduct maturity assessments and gap analyses, supporting structured evolution plans. * Develop and maintain Information Security and Technology policies, standards, and controls, ensuring regulatory adherence and practical applicability. * Supervise security controls (IAM, SoD, logging, hardening, and access management). * Coordinate Third-Party Risk Management, including evaluation and monitoring of supplier, cloud, and SaaS risks. * Support data protection and LGPD compliance, including information classification and DLP initiatives. * Coordinate operational continuity and resilience (BIA, PCN, and DRP). * Prepare executive reports, KPIs, and KRIs, serving as the interface with Committees, Executive Management, auditors, and regulators. * Promote a security and governance culture, acting as the focal point for the GRC team. **Requirements and Qualifications** * Solid experience in GRC applied to Technology and Cybersecurity. * Practical knowledge of frameworks and standards such as ISO 27001/27002, NIST CSF, CIS Controls, SOC 2, and LGPD. * Experience in IT, cybersecurity, and third-party (TPRM) risk management. * Experience leading teams and strategic projects. **We are a company that transforms lives through education powered by technology, offering a complete ecosystem of solutions for students, educational institutions, and enterprises.** We work hard to deliver the best digital learning experience, helping remove barriers, expanding access to quality education, and leaving our legacy in the world. UOL EdTech is part of Grupo UOL, a 100% Brazilian company revolutionizing the digital universe since 1996; from this legacy, we carry credibility, pioneering spirit, and innovation in our DNA. **Discover Our Ecosystem** We offer a comprehensive education ecosystem that transforms lives! Our business verticals are: * **For Students:** We offer the largest online study platform, facilitating daily access to knowledge, empowerment, and shaping people’s futures. In Brazil, we operate under the Passei Direto brand, and globally under the Studenta brand. * **For Enterprises:** We have two business lines: Learning.Rocks provides a complete solution addressing corporate training needs by combining technology and multi-format content. Qulture.Rocks supports enterprises in unlocking their teams’ potential through a people and performance management platform. * **For Educational Institutions:** We are the technological partner for major universities delivering 100% online specialization courses, enrolling students across Brazil and worldwide. **We Are Passionate About Education and Technology** Technology fuels us—we constantly seek disruptive, technology-driven solutions to break down barriers and bring our education solutions to every corner of the world! **The Collective Is Stronger Than the Individual** We always pursue the best outcome—even if it means changing course. We’re on a long-term journey building a sustainable, high-impact business. We are \#EdTechers, and this is how we think and act! **Our Differences Add Up to Fulfill Our Purpose** We believe diversity and plurality of people drive extraordinary results! Therefore, we do not discriminate based on disability, gender, sexual/affectional orientation, race/ethnicity, age, origin, family composition, or physical appearance. **Discover the Benefits of Being \#EdTecher** You’ll receive a comprehensive benefits package that truly makes a difference: * Meal allowance and/or food voucher. * Health and dental insurance. * Life insurance. * Partnerships with TotalPass and ZenKlub. * Extended maternity and paternity leave. * Childcare allowance. * Discounts of up to 50% on postgraduate programs and MBAs offered by top institutions such as FIA, FAAP, and PUCRS. **And there’s more—take a look:** * Dress code: Wear whatever makes you feel comfortable. * \#TáDeParabéns: Birthday day off. * Baby gift: Gift for newborns. **Learn How Our Selection Process Works** Not all processes follow the same format. However, most follow a similar sequence: * Application (the one you submit here on Gupy). * Interview with the Recruitment & Selection team. * Technical challenge, which may include a test, case study, portfolio presentation, or a technical discussion with the team. * Interview with the area leadership. **Here’s an Important Tip for You** Pay close attention during each stage of the process, especially during application! We carefully review all applications, which may take some time. If you’re wondering about the timeline for our response, please bear with us. Everyone applying to our positions receives feedback via Gupy—whether positive or negative. Please monitor your application status here and in your email inbox, including the spam folder, okay? So, shall we transform lives through education powered by technology? **Join us as \#EdTecher!**