CISO ID43394

Job Description

This is a remote position but we are hiring only in Sao Paulo, Brazil.

AgileEngine is an Inc. 5000 company that creates award-winning software for Fortune 500 brands and trailblazing startups across 17+ industries. We rank among the leaders in areas like application development and AI / ML, and our people-first culture has earned us multiple Best Place to Work awards.

If you're looking for a place to grow, make an impact, and work with people who care, we'd love to meet you!

As Director of Information Security , you’ll shape and lead the organization’s global security strategy, ensuring data protection, regulatory compliance, and resilience across all systems. This role offers the opportunity to build and scale a world-class ISMS, influence cross-functional security initiatives, and foster a culture of proactive risk management. You’ll make a lasting impact by aligning cutting‑edge InfoSec practices with business growth and innovation.

• Own and continuously improve the company’s Information Security Management System (ISMS) and associated frameworks, policies, and procedures.
• Oversee implementation of technical, administrative, and physical security controls across all environments.
• Lead risk management, incident response, and vulnerability management programs, ensuring timely detection, containment, and remediation of threats.
• Guide compliance initiatives, including maintenance of ISO / IEC 27001 certification.
• Partner with Engineering and IT to embed security‑by‑design practices in product development and infrastructure.
• Present security posture, risks, and key metrics to executive leadership and stakeholders.
• Promote a company‑wide security awareness and training program to strengthen security culture.

• 8+ years of progressive experience in information security, including 3+ years in a senior leadership or management role;
• Proven experience building and scaling a security program in a cloud‑first or SaaS environment;
• Strong knowledge of ISO / IEC 27001 and risk management methodologies;
• Excellent leadership, communication, and stakeholder management skills, with the ability to translate complex technical issues into business language;
• Hands‑on understanding of cloud security and modern DevSecOps practices;
• Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field; relevant certifications (CISSP, CISM, CISA, ISO 27001 Lead Implementer / Auditor) are a plus;
• Upper‑intermediate or higher English proficiency.

• Experience implementing Privacy Information Management Systems (ISO / IEC 27701) or SOC 2 Type II.
• Background in application security, threat modeling, or red / blue team operations.
• Familiarity with security automation, SIEM / SOAR, and modern monitoring technologies.

• Professional growth : Accelerate your professional journey with mentorship, TechTalks, and personalized growth roadmaps.
• Competitive compensation : We match your ever‑growing skills, talent, and contributions with competitive USD‑based compensation and budgets for education, fitness, and team activities.
• A selection of exciting projects : Join projects with modern solutions development and top‑tier clients that include Fortune 500 enterprises and leading product brands.
• Flextime : Tailor your schedule for an optimal work‑life balance, by having the options of working from home and going to the office – whatever makes you the happiest and most productive.

8+ years of progressive experience in information security, including 3+ years in a senior leadership or management role; Proven experience building and scaling a security program in a cloud‑first or SaaS environment; Strong knowledge of ISO / IEC 27001 and risk management methodologies; Excellent leadership, communication, and stakeholder management skills, with the ability to translate complex technical issues into business language; Hands‑on understanding of cloud security and modern DevSecOps practices; Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field; Upper‑intermediate or higher English proficiency.