Information Security Manager

• Act as the market Information Security Officer and single point of contact for cyber security, including regulatory activities.
• Represent the Regional Information Security Office (RISO) in Brazil risk committees.
• Analyze changes to the regulatory environment and develop action plans in coordination with business and technology stakeholders.
• Assist in preparing responses to internal and external audits and examinations related to cyber security.
• Perform risk assessments on business and technology initiatives to determine the residual risk and develop action plans to mitigate risks.
• Develop and implement the cybersecurity incident management plan for the market.
• Support tracking, analysis, and reporting of cyber security incidents and operational risk events.
• Manage market cyber security risks, ensuring alignment with the organization's risk appetite, compliance standards, regulatory requirements and industry best practices.
• Maintain key risk indicators, prepare dashboards showing trends and risk indicator reports for senior management within the market.
• Supervise the development and maintenance of comprehensive risk management frameworks, ensuring that all risk management activities are standardized, documented, and consistently applied across the organization.
• Prepare and present risk assessments to senior leadership and stakeholders, including mitigating actions and compliance status.
• Develop and lead training programs to improve awareness of cyber risks and controls.

• Bachelors degree in Computer Science, Information Systems, Cybersecurity, and / or comparable experience.
• Advanced knowledge of global technology standards and applicable regulations.
• Advanced knowledge of technology and cyber control domains such as Identity & Access Management, Security Architectures, Security Governance & Operations, IT General Controls, Security Testing, and Cloud Security.
• Proficiency in enterprise risk management with an emphasis on operational risk management, technology and cyber risk.
• Excellent communication skills in English and Portuguese, knowledge of Spanish is an asset.

• Experience in technology risk & control and information security.
• Experience working in large and complex organizations and financial regulations.
• Experience in risk assessment methodologies such as the NIST Risk Management Framework and ISO .
• Experience with Compliance Management and Risk Assessment tools such as ServiceNow GRC, SAP GRC, LogicGate, RSA Archer
• Experience with Data Visualization and Reporting tools such as Tableau and PowerBI.

• CISSP, CISM, CRISC

We back you with benefits that support your holistic well-being so you can be and deliver your best.

This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally :

• Competitive base salaries
• Bonus incentives
• Support for financial-well-being and retirement
• Comprehensive medical, dental, vision, life insurance and disability benefits (depending on location)
• Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
• Generous paid parental leave policies (depending on your location)
• Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
• Free and confidential counseling support through our Healthy Minds program
• Career development and training opportunities