Compliance & Framework Management: Design, implement, maintain, and certify the company's Information Security Management System (ISMS) under ISO 27001 standards . Manage, audit, and evaluate alignment with other international frameworks such as SOC2, GDPR, ISO 27701 (Privacy), and ISO 42001 (AI Governance) .
Technical Security Execution: Apply hands-on technical skills in penetration testing, secure coding/programming, and infrastructure hardening applied directly to critical production services .
Risk & Vulnerability Assessments: Conduct thorough technical analyses, diagnostics, and security evaluations across different departments and digital initiatives .
Data Protection & Privacy: Oversee the security, management, and publishing of databases, ensuring total compliance with personal data processing and privacy laws
Policy & Strategy Development: Author, update, and enforce information security and digital privacy policies aligned with organizational goals and international best practices .
Cross-Functional Security Support: Provide technical support and strategic cybersecurity guidance for cloud and physical technology infrastructure.

Education & Certifications
Degree: Bachelor’s degree in Systems Engineering or a closely related field . A postgraduate specialization in Information Security or Information Assurance is highly preferred .
Key Certifications (Desirable): * Certified ISO 27001 Internal Auditor .
ITIL Foundation (IT Service Management) .
Advanced training in Cloud Security (e.g., AWS IAM / Security, Google Cloud Platform) .
Experience & Technical Skills
Experience: 4+ years of proven experience in dedicated Security and Compliance roles within fast-paced environments (such as high-growth tech startups) .
Tech Stack Expertise: Strong understanding of Google Cloud Platform (GCP) , AWS Security/IAM , and emerging technologies, including Large Language Models (LLM) Security .
Framework Mastery: Deep, practical knowledge of ISO 27001:2022, SOC2, GDPR, and privacy standards .
Methodologies: Active familiarity with OWASP projects, secure software development lifecycles (DevSecOps), and modern networking security .
Languages: Professional working proficiency in English and native/fluent Spanish .
Soft Skills
Continuous Learner: Passionate about cybersecurity with a mindset dedicated to never stopping learning .
Leadership & Communication: Strong capability to act as a security evangelist, mentor internal teams, or potentially conduct internal training/workshops .
Strategic mindset with previous experience executing security frameworks from scratch to successful certification .

💻 HardwareWith Platzi's help, you will have 100% of the necessary work tools such as a laptop, smartphone, desk, ergonomic chair, monitor, and other accessories.
📗 BooksWe provide you with all the books you need to grow professionally on Kindle, and we give you the Kindle too 😉.
🐣 Maternity/Paternity LeaveAt Platzi, we believe in gender equity and the importance of parents in the upbringing and care of their children. We make this a reality for new mothers and fathers through extended maternity and paternity leave.
💸 Option PoolAll members of the Platzi Team have the opportunity to own a part of Platzi and have company shares.
🌴 VacationYou have 15 days of vacation per year regardless of the country you are in, starting from the moment you join the team.
💆‍♂️ Online TherapyWe care about your emotional health by covering the first four online therapy sessions with specialized companies.
🌐 Team SyncsAlthough we are in different parts of the world, Platzi teams meet in person during the year to exchange ideas, build, and strengthen bonds.
🏖️ Villa PlatziEvery year, the entire team gathers somewhere in the world for a week to meet face-to-face, get to know each other, have interesting discussions, and plan ambitious projects.

Security and Compliance Officer

Key skills