Before you apply, here's the key thing: our mission is to promote global well-being by making quality 1:1 nutrition accessible to everyone.
A lot has changed since we started, but our mission is still at the heart of everything we do — it's written in our culture book, in our proposals, in our docs, and it guides every decision we make.
It's also what allowed us, for years, to improve the experience of nutrition professionals and their patients through the world's #1 nutrition counseling platform. But we didn't stop there.
Today, with Nutrium Care, we're taking the next step: bringing real, personalized nutrition to people anytime, anywhere, and helping them build healthier, happier lives.
Along the way, we raised our Series A and surpassed €15M in funding, partnered with global leaders like Vodafone, Adidas, Wellhub, and Linde, and reached millions of people around the world.
From day one, we also knew something else: building this future would take more than great tech. It would take a place where talented people can grow, feel supported, and actually enjoy the journey along the way.
We're proud of our journey so far, and we believe there's space for more people to shine, challenge us, and help shape what comes next.
Nutrium is growing fast and going global, and with that, security, privacy, and compliance have moved to the centre of how we earn and keep customer trust. Prospects run security reviews before they sign, and every new market raises the bar. This role exists to own that work.
You'll be our go-to person for compliance across frameworks and you'll run our GRC platform day to day, keep controls and evidence audit-ready, and give clients clear answers about how we handle their data.
Own compliance execution across Nutrium's security and privacy frameworks (ISO 27001, ISO 27701, SOC 2, ISO 9001, HIPAA, and GDPR);
Manage Nutrium's GRC platform end to end: controls, evidence, tasks, audits, and remediation plans;
Prepare for and support internal and external audits, from scoping to evidence collection;
Maintain and improve internal policies, procedures, controls, and compliance documentation;
Partner with internal teams (Engineering, Legal and Operations), and external consultants, to turn requirements into practical implementation;
Respond to security questionnaires and due diligence requests from prospects and clients;
Support meetings with national and international clients on security, privacy, compliance, and data flows;
Provide operational legal support, when needed.
Hold a Degree in Law, Information Security, Cybersecurity, Data Protection, or a related field (a Degree from NOVA IMS is a plus!);
Have between 1 and 3 years of experience in compliance, legal operations, privacy, risk, governance or a similar area, ideally in a regulated environment (healthcare, SaaS or fintech is a plus!);
Have hands-on experience with at least one major framework (ISO 27001, SOC 2, or GDPR), and familiarity with the others;
Have experience working with GRC platforms to manage controls, evidence and audit cycles (nice to have);
Are highly organized, structured and detail-oriented, with strong ownership over follow-ups and deadlines;
Bring exposure to HIPAA or health-data privacy, or a relevant certification (ISO 27001 Lead Implementer or Auditor, CIPP, CISA), or are working towards one;
Thrive in a fast-moving scale-up where processes are still being built;
Are comfortable preparing for and supporting internal and external audits;
Have experience responding to client security questionnaires and due diligence requests;
Thrive in collaborative environments and enjoy working with cross-functional teams and external consultants;
Are fluent in Portuguese and English (additional languages are a plus).
Transparency is one of our core values, so here's exactly what you can expect from Nutrium:
Gross annual salary: €19,600 - €29,400, depending on your experience.
Perks and benefits:
A flexible work model and hours
27 days of annual leave
Unlimited nutritional appointments (via Nutrium Care)
Unlimited psychology sessions
Health insurance
Meal allowance: 10,46€ per working day
Professional development budget
Snacks and good coffee in the offices
A multicultural team that enjoys spending time together, not just while working, but also through team activities, social events, and our annual offsite.
A quick overview of what our hiring journey looks like:
CV screening
First interview with the recruiter
Technical interview with the Legal team
Final Interview
We're committed to making our hiring process fair, inclusive, and human.
We aim to build a team that reflects the diversity of the world we live in. That means welcoming people of all races, ethnicities, genders, sexual orientations, ages, abilities, religions, and backgrounds.
If you're excited about this role but your experience doesn't align perfectly with every requirement, we still encourage you to apply. You might be exactly who we're looking for.
A note on our hiring process
We want our interviewers focused on you. To help with that, interviews may be recorded via Teamtailor Meet, with the support of AI note-taking tools.
If you'd prefer not to be recorded, just let us know before the interview begins. This won't change anything about how we assess you.