About the Role
We are seeking a highly experienced and strategic ISM (Information Security Manager) to establish, manage, and mature our comprehensive information security framework in Brazil. This role is crucial for protecting our digital assets and customer data, and for ensuring strict compliance with local regulations, including the LGPD (Lei Geral de Proteção de Dados). The ISM (Information Security Manager) will be responsible for defining the security vision, strategy, and architecture, serving as the top security authority in the region.
Location: São Paulo, Brazil
Type: Full-time (on-site only)
Key Responsibilities
- Develop, implement, and maintain a robust information security strategy, roadmap, and architecture aligned with business goals and global security standards
- Establish and enforce security policies, procedures, and guidelines across all departments and systems within the Brazilian operation
- Manage and control the annual Information Security budget, ensuring optimal resource allocation for protection measures
- Oversee regular security risk assessments, vulnerability management, and penetration testing programs
- Ensure rigorous compliance with all relevant Brazilian and international regulations, most notably the LGPD (Lei Geral de Proteção de Dados), and industry standards
- Lead the incident response team, developing protocols for managing security breaches, conducting post-incident analysis, and minimizing business impact
- Define standards for network security, cloud security (AWS/Azure), application security, and data protection mechanisms (DLP, encryption)
- Manage security technologies (SIEM, EDR, firewalls) and ensure their effective operation and monitoring 24/7
- Manage, maintain, and continuously improve the Information Security Management System (ISMS) in accordance with ISO/IEC 27001
- Coordinate security efforts with IT Operations and Development teams (SecDevOps) to embed security into the entire Software Development Life Cycle (SDLC)
- Develop and deliver mandatory security awareness training programs for all employees in Brazil
- Build, mentor, and lead the local security team, fostering a culture of security consciousness and continuous improvement
- Serve as the primary security liaison with external auditors, regulators, and partners
Ideal Candidate Profile
- Minimum of 8 years of experience in Information Security, with at least 4 years in a senior leadership role (CISO, Head of Security, or equivalent) within the technology or regulated industry sector (Finance, Gaming, or E-commerce)
- Deep, demonstrable knowledge of the LGPD (Lei Geral de Proteção de Dados) and proven experience in achieving and maintaining compliance
- Expertise in developing and implementing comprehensive security frameworks (e.g., ISO 27001, NIST CSF)
- Proven experience in managing and mentoring a dedicated security team
- Fluency in Portuguese (native or near-native) and professional working proficiency in English (required for global reporting)
Nice to Have
- Relevant industry certifications (e.g., CISSP, CISM, C-CISO)
- Experience with security in cloud-native environments (AWS/Azure security architecture)
- Familiarity with the Brazilian regulatory environment beyond LGPD (e.g., specific financial regulations)
If you have passion and a collaborative spirit, let’s move forward together.
Send your CV🔈