Open Finance API platform for Latam.

Security GRC Specialist

🇧🇷 São Paulo / 🇲🇽 Mexico City / 🇨🇴Colombia / 🌎Remote
Job Type
Apply to Belvo and hundreds of other fast-growing YC startups with a single profile.
Apply to role ›

About the role

  A little bit about us:

We are Belvo, a financial API platform with the bold vision of democratizing access to financial services in Latin America. We enable any company or developer to access and interpret their end-users’ financial information. We are turning the rich and diverse Latin American financial ecosystem into a set of developer-friendly tools and APIs.

We’re a highly-technical, passionate and driven team. We are more than 100 people, our team currently represents 26 nationalities and we have offices in Barcelona, Mexico City, and São Paulo - while a large portion of us works remotely.

We are tackling a very stimulating problem: connecting fintech innovators with legacy financial infrastructure. We strive to go beyond the limits of what is possible today and to do so in an elegant and developer-first way.

Since starting our adventure in May 2019, we have raised $56m from the leading VC investors globally.

You can read more about our company here and about our team and culture here. Also, head to our blog for more news about our growth and how we have fun together.

About the team:

  • We work in cross-functional, autonomous teams. We follow continuous delivery best practices executed on top of a modern technology stack. 

  • Our products are built for developers, by developers. Technological excellence is at the heart of what we do.  

  • We are pragmatic and customer-focused. We strive to find the right set of trade-offs in order to validate our hypothesis as early as possible, iterating on our products based on customer feedback. 

  • We communicate transparently. We do weekly all-hands where we get together to discuss company performance and goals.

  • We are a flexible international team focused on creating cool stuff. Some of us prefer to work together in one of our offices and others prefer remote. For us, there's no difference as long as you have an excellent internet connection and are able to overlap with the team between 3 pm and 6 pm, CEST timezone. 

  • Also, we are backed by some of the leading investors in Silicon Valley and Latin America, including Founders Fund, Kaszek Ventures, and YCombinator.

Your opportunity:

At Belvo, the security team is responsible for all aspects of information security. We focus on application and infrastructure security, compliance with regulations, and a positive reinforced security culture.

Our customers rely on us to run their financial operations. We hold ourselves to the highest standards when it comes to protecting data and operations. Our line of business requires compliance with a wide variety of regulations and good relationships with authorities. 


  • Develop and implement effective and reasonable policies and practices to secure sensitive data, ensure information security and compliance with relevant legislation

  • Support the organization-wide information security compliance program, ensuring activities, processes, and procedures meet defined requirements, policies and regulations

  • Improve and grow our risk based decision making process

  • Execute our strategy for dealing with an increasing number of audits, compliance checks and external assessment processes for internal/external auditors, ISO/IEC-27001, SOC-2, PCI-DSS

  • Coordinate and track all information technology and security related audits

  • Make efforts measurable by introducing representative KPI

  • Lead the security due diligence and due care process for our vendors, tools and providers

  • Foster a culture that sees compliance and security as the most important product feature

This position may be for you if:

  • Knowledge of applicable information security management, governance, and compliance principles, practices, laws, rules, and regulations

  • Critical thinking and drive to learn/create 

  • Understanding of cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration

  • Eager to solve regulatory challenges with innovation and technology

  • Excellent spoken and written English

Amazing if:

  • Experience with project management

  • Able to speak publicly and present professionally

  • Effectively communicate technical issues to diverse audiences, both in writing and verbally

  • Experience with ISO/IEC-27001

  • Experience with Fintech industry regulations

  • Experience with Fintech regulation in Mexico, Brazil or Colombia

  • Working in a global team

Our tech stack:

  • We’re building our platform using modern technologies, putting the focus on reliability and long-term maintainability

  • We primarily use Python on the backend. We use battle-tested technologies such as Django, and we are heavy users of Python’s asyncio for some parts of our stack

  • We use Javascript, Vue.js and Sass on the frontend. We are developing and leveraging our own design system and component library

  • We run our infrastructure on top of Amazon Web Services, leveraging managed services. We tend to favor the use of managed services wherever possible, in order to focus on our business problems

  • We observe and monitor our services using Datadog

  • We follow Continuous Integration and Continuous Delivery best practices

Our process steps:

At Belvo every hire is so important to us, that we share the decision to hire as a team.

  • People team chat

  • Take-home challenge

  • Challenge presentation

  • Meet the founders

Our perks:

🚀 Stock options (we are all owners and this is very important to us)

📈 Annual company bonus

🔆 Flexible working hours

🔝 Remote friendly

🐶 Pet friendly

🧘🏾‍♀️ Access to mental health service

👩🏻‍⚕️ Health Insurance

🎊 Paid time off on your birthday

🌎 Work from any office twice per year

💻 Renew your laptop every 3 years

🙋 Training Budget

😎 Team building events

🙀 Bank holidays swap inside the same month

🔋 Fitness/ wellness stipends

🚀 Yearly offsite

🍒 Fresh fruit every week, all-you-can-drink tea and coffee

🏝 1 week off on your 2-year anniversary

Why you should join Belvo

Belvo is a financial API platform for Latam that enables any company or developer to access and interpret their end-users' financial information, through one easy-to-use API. Think Plaid for Latam.

Team Size:150
Location:São Paulo, Brazil
Oriol Tintore
Oriol Tintore
Pablo Viguera
Pablo Viguera