Return to jobs Return to jobs

GRC Analyst - Cybersecurity



Posted over 30 days ago...

Join the Passionate Team at Braze as a Security Analyst in São Paulo


icon Salary

No salary declared 😔

icon Location

São Paulo

icon Nomad Friendly?

In-person- São Paulo Brazil

icon Expires

Expires at anytime

Organisation summary

Braze is a cutting-edge customer engagement platform that fosters meaningful connections between consumers and their favorite brands. Recognized globally as a Great Place to Work®, Braze empowers marketers with data-driven insights to engage customers creatively and in real-time. With accolades across various categories and an inclusive, vibrant culture, Braze offers a dynamic environment where your work makes a real impact. Join our team across international hubs or remotely and become part of our success story.

Role Summary

  • Evaluate and recommend improvements for security controls within the organization.
  • Collaborate on internal and external audits for compliance frameworks like ISO27001 and SOC 2.
  • Conduct vendor security reviews and define Information Security requirements.
  • Advocate for Braze's security program to clients and internal teams.
  • Develop strategies to reduce technology risk alongside security engineers.

Role Requirements

  • 2-3 years of experience in compliance or risk within the tech industry.
  • Familiarity with ISO 27001, SOC 2, NIST, and other security frameworks.
  • Proficiency in writing policies and conducting risk assessments.
  • Passion for security and risk management.
  • Experience in threat modeling is a bonus.

At Braze, we have found our people. We’re a genuinely approachable, exceptionally kind, and intensely passionate crew.

We seek to ignite that passion by setting high standards, championing teamwork, and creating work-life harmony as we collectively navigate rapid growth on a global scale while striving for greater equity and opportunity – inside and outside our organization.

To flourish here, you must be prepared to set a high bar for yourself and those around you. There is always a way to contribute: Acting with autonomy, having accountability and being open to new perspectives are essential to our continued success. Our deep curiosity to learn and our eagerness to share diverse passions with others gives us balance and injects a one-of-a-kind vibrancy into our culture.

If you are driven to solve exhilarating challenges and have a bias toward action in the face of change, you will be empowered to make a real impact here, with a sharp and passionate team at your back. If Braze sounds like a place where you can thrive, we can’t wait to meet you.


We're seeking an English speaking Security Analyst to join our São Paulo based Security Engineering team to help Braze achieve and maintain authorization and certifications that enable us to be competitive. The GRC team is responsible for audit readiness and risk mitigation across the organization. You will be helping build internal and external compliance programs and will be exposed to a wide range of security controls protecting  endpoint infrastructure, modern cloud-based containerized application deployments, and Web applications/API’s. You will work directly on the Security Engineering team, a technical team which will expose you to technical concepts, and the ability to have questions answered/evidence procured easily. In addition to helping guide the organization through compliance and risk frameworks, you will be a customer-facing advocate for the Braze security program, interacting with internal pre and post-sales teams to meet client expectations for compliance, technical controls, policy, and governance.


  • Evaluate security controls on new and existing systems, processes, and technology to ensure the adequacy and the effectiveness and provide value-added recommendations.
  • Collaborate with cross-functional teams to gather evidence in support of internal and external audits such as ISO27001, SOC 2, HIPAA, and other compliance frameworks.
  • Conduct vendor security reviews prior to onboarding with our Whistic software solution.
  • Collaborate to define Information Security requirements and develop/update policies and standards
  • Work with internal pre- and post-sales teams, as well as the Legal and Privacy team, to meet client expectations for compliance, technical controls, policy, and governance.
  • Work with security engineers to implement the enterprise-wide strategy and key initiatives focused on the reduction of technology risk.


  • You have at least 2-3 years of formalized experience in compliance or risk in the context of the tech industry.
  • You are familiar with ISO 27001, SOC 2, NIST and other Security frameworks.
  • You are able to write policies and procedures that satisfy customer and internal requirements.
  • You know how to conduct risk assessments and manage risk across multiple teams and assets.
  • You enjoy evangelizing about security and risk to anyone who will listen, be it Braze employees, Braze customers, or contractors.


  • You have a background in threat modeling.


Details of these benefits plan will be provided if a candidate receives an offer of employment. Benefits may vary by location.

From offering comprehensive benefits to fostering flexible environments, we’ve got you covered so you can prioritize work-life harmony.

  • Competitive compensation that may include equity
  • Retirement and Employee Stock Purchase Plans
  • Flexible paid time off
  • Comprehensive benefit plans covering medical, dental, vision, life, and disability
  • Family services that include fertility benefits and equal paid parental leave
  • Professional development supported by formal career pathing, learning platforms, and tuition reimbursement
  • Community engagement opportunities throughout the year, including an annual company wide Volunteer Week
  • Employee Resource Groups that provide supportive communities within Braze
  • Collaborative, transparent, and fun culture recognized as a Great Place to Work®


Braze is a leading customer engagement platform that powers lasting connections between consumers and brands they love. Braze allows any marketer to collect and take action on any amount of data from any source, so they can creatively engage with customers in real time, across channels from one platform. From cross-channel messaging and journey orchestration to Al-powered experimentation and optimization, Braze enables companies to build and maintain absolutely engaging relationships with their customers that foster growth and loyalty.

Braze is proudly certified as a Great Place to Work® in the U.S., the UK and Singapore. We ranked #1 on Great Place to Work UK’s 2023 Best Workplaces (Medium), #3 on Great Place to Work UK’s 2023 Best Workplaces for Wellbeing (Medium), #4 on Great Place to Work’s 2023 Best Workplaces in Europe (Medium), #10 on Great Place to Work UK’s 2023 Best Workplaces for Women (Large), #19 on Fortune’s 2023 Best Workplaces in New York (Large). We were also featured in Built In's 2024 Best Places to Work, U.S. News Best Technology Companies to Work For, and Great Place to Work UK’s 2023 Best Workplaces in Tech.

You’ll find many of us at headquarters in New York City or around the world in Austin, Berlin, Chicago, Jakarta, London, Paris, San Francisco, Singapore, Sydney and Tokyo – not to mention our employees in nearly 50 remote locations.

Please see our Candidate Privacy Policy for more information on how Braze processes your personal information during the recruitment process and, if applicable based on your location, how you can exercise any privacy rights.


Hire with Escape

Showcase your progressive organisation and post your open roles to the biggest UK community of purpose driven job seekers.

Get Started