Responsibilities
- Perform Business Impact Analysis (BIA), mapping processes and identifying RTO and RPO.
- Conduct the identification, mapping, assessment, and management of both operational and strategic risks across the organization, ensuring compliance with all applicable regulations and internal policies.
- Keep all the BCP and Disaster Recovery documents up to date.
- Develop, implement, and update company-wide compliance processes, procedures and rules to ensure alignment with corporate goals, legal requirements, and industry standards.
- Collaborate with other departments to create and modify operational processes and agreements and execute actions from action plans.
- Conduct and document regular tests for recovery, continuity plans (disaster recovery exercise, backup & data recovery, etc.) also supporting incident response tests.
- Implement privacy controls following the company’s governance guidelines and LGPD, GDPR, and CCPA regulations.
- Support the continuous improvement of compliance with ISO 27001, 27002, 22301 and 22313 standards.
- Monitor and conduct assessments to ensure the effectiveness of internal controls, also implementing improvements considering audits and assessments reports.
- Collaborate with multiple departments and headquarters to ensure effective implementation of compliance programs and provide guidance on risk-related matters to leadership.
- Collaborate to clarify security maturity doubts with stakeholders.
Requirements:
- Background in IT, security, auditing, compliance and/or quality.
- Experience with BCP-DR based on ISO 22301 and ISO 22313, including development of procedures, execution, and documentation of tests.
- Experience with audits and assessments of ISO 27001 and SOC 2.
- Hands-on experience in executing action plans and implementing controls.
- Knowledge with risk management frameworks (ISO 27005, NIST etc.).
- Knowledge of privacy laws (LGPD, CCPA, GDPR, etc.)
- Advanced English proficiency.
Would be a plus:
- Certification related to ISO 27001 and/or privacy (e.g., EXIN or IAPP).
- Experience in using Business Continuity Management (BCM) tools.
- Experiences with Vanta, SAT platforms, EDR, MDM, IAM.
- Other compliance/security certifications.
Top Skills
What We Do
Tractian is a machine intelligence company that offers industrial monitoring systems. Tractian builds streamlined hardware-software solutions to give maintenance technicians and industrial decision-makers comprehensive oversight of their operations. It is democratizing access to sophisticated real-time monitoring and asset operations tools.
Tractian's solutions are used in environments that address a combined total of 5% of global industrial output. The company’s broad market reach is evidenced in its customer base from various industries, such as John Deere, Procter & Gamble, Caterpillar, Goodyear, Carrier, Johnson Controls, and Bimbo, the owner of the brands Little Bites and Thomas Bagels. Tractian's customers see a 6-12x ROI with savings of $6,000 per monitored machine annually on average.
In a major milestone and a first for the industry, Tractian launched the AI-Assisted Maintenance category in the industrial sector. In this new paradigm, artificial intelligence identifies machine problems and suggests preventive actions to be taken, giving invaluable insight and support to maintenance professionals. It is important to highlight that the intent of Assisted Maintenance is firmly rooted in augmenting maintenance professionals to provide more assertive diagnosis with human-in-the-loop feedback.
Tractian's mission is to elevate this category of workers in a highly impactful way. The Assisted Maintenance category will provide unimaginable support for maintenance professionals. By combining shop floor expertise with our technology, maintainers will be able to anticipate and address issues with unprecedented accuracy and speed
