About the Role
We are seeking a highly skilled and strategic Security and Compliance Officer to lead our information security management, protect critical digital assets, and ensure strict adherence to international security standards.
In this role, you will bridge the gap between high-level compliance framework implementation and hands-on technical execution (pentesting, hardening, and secure architecture). You will be responsible for scaling our Information Security Management System (ISMS) and driving a proactive security culture across the entire organization.
Key Responsibilities
- Compliance & Framework Management: Design, implement, maintain, and certify the company's Information Security Management System (ISMS) under ISO 27001 standards. Manage, audit, and evaluate alignment with other international frameworks such as SOC2, GDPR, ISO 27701 (Privacy), and ISO 42001 (AI Governance).
- Technical Security Execution: Apply hands-on technical skills in penetration testing, secure coding/programming, and infrastructure hardening applied directly to critical production services.
- Risk & Vulnerability Assessments: Conduct thorough technical analyses, diagnostics, and security evaluations across different departments and digital initiatives.
- Data Protection & Privacy: Oversee the security, management, and publishing of databases, ensuring total compliance with personal data processing and privacy laws.
- Policy & Strategy Development: Author, update, and enforce information security and digital privacy policies aligned with organizational goals and international best practices.
- Cross-Functional Security Support: Provide technical support and strategic cybersecurity guidance for cloud and physical technology infrastructure.
Requirements & Qualifications
Education & Certifications
- Degree: Bachelor's degree in Systems Engineering or a closely related field. A postgraduate specialization in Information Security or Information Assurance is highly preferred.
- Key Certifications (Desirable):
  - Certified ISO 27001 Internal Auditor.
  - ITIL Foundation (IT Service Management).
  - Advanced training in Cloud Security (e.g., AWS IAM / Security, Google Cloud Platform).
Experience & Technical Skills
- Experience: 4+ years of proven experience in dedicated Security and Compliance roles within fast-paced environments (such as high-growth tech startups).
- Tech Stack Expertise: Strong understanding of Google Cloud Platform (GCP), AWS Security/IAM, and emerging technologies, including Large Language Models (LLM) Security.
- Framework Mastery: Deep, practical knowledge of ISO 27001:2022, SOC2, GDPR, and privacy standards.
- Methodologies: Active familiarity with OWASP projects, secure software development lifecycles (DevSecOps), and modern networking security.
- Languages: Professional working proficiency in English and native/fluent Spanish.
Soft Skills
- Continuous Learner: Passionate about cybersecurity, with a mindset of never stopping learning.
- Leadership & Communication: Strong capability to act as a security evangelist, mentor internal teams, or potentially conduct internal training/workshops.
- Strategic mindset with previous experience executing security frameworks from scratch to successful certification.
Hardware
With Platzi's help, you will have 100% of the necessary work tools such as a laptop, smartphone, desk, ergonomic chair, monitor, and other accessories.
Books
We provide you with all the books you need to grow professionally on Kindle, and we give you the Kindle too.
Maternity/Paternity Leave
At Platzi, we believe in gender equity and the importance of parents in the upbringing and care of their children. We make this a reality for new mothers and fathers through extended maternity and paternity leave.
Option Pool
All members of the Platzi Team have the opportunity to own a part of Platzi and have company shares.
Vacation
You have 15 days of vacation per year regardless of the country you are in, starting from the moment you join the team.
Online Therapy
We care about your emotional health by covering the first four online therapy sessions with specialized companies.
Team Syncs
Although we are in different parts of the world, Platzi teams meet in person during the year to exchange ideas, build, and strengthen bonds.
Villa Platzi
Every year, the entire team gathers somewhere in the world for a week to meet face-to-face, get to know each other, have interesting discussions, and plan ambitious projects.