Cyber Security Manager - São Paulo - ref. f46051415

This hands-on management role involves overseeing security operations, implementing security measures, and guiding a team of security analysts.

Key Responsibilities:

Security Incident Management and Response:

• Oversee and manage the end-to-end process of security incident management, including escalation and response through SIEM tools.
• Lead analysis of mail headers, antivirus/EDR alerts, and IDS/IPS alerts across desktop, network, and cloud environments.
• Develop advanced log monitoring strategies and provide guidance to the team on incident response best practices.
• Collaborate with stakeholders to address employee security concerns and ensure comprehensive reporting on security incidents.

Access Management and Policy Implementation:

• Define and maintain access policies and procedures, including User Access Reviews (UAR).
• Develop and manage Role-Based Access Control (RBAC) and RACI matrix across systems.
• Lead security exceptions review and approval processes, working closely with the Information Security Manager and compliance teams.

Security Operations and Project Leadership:

• Lead internal security awareness programs, including phishing campaigns and the Security Champions initiative.
• Manage security projects using Agile methodologies, ensuring alignment with organizational goals.
• Oversee threat modeling and vulnerability management, including analysis of CVEs and implementation of security controls.
• Define and track OKRs and KPIs for the Security Operations team, driving performance and continuous improvement.

Cloud Security Management:

• Implement, manage, and optimize security measures within AWS and GCP environments.
• Conduct regular security assessments of cloud infrastructure and applications, ensuring consistent protection across both platforms.
• Provide strategic guidance on cloud security best practices and ensure integration of security into new cloud initiatives.

Compliance and Reporting:

• Ensure compliance with relevant industry regulations and standards (e.g., PCI DSS, ISO 27001).
• Develop and present comprehensive security metrics and reports to management and stakeholders.
• Lead security audits and assessments, collaborating with internal and external auditors.

Team Leadership and Development:

• Manage and mentor a team of security professionals, fostering growth and technical development.
• Promote a culture of security awareness, teamwork, and continuous learning within the team.
• Act as a security consultant to cross-functional teams, translating IT security issues into business context for senior management.

Strategic Collaboration:

• Liaise with international teams, IT, and business units to ensure alignment on security strategy and initiatives.
• Engage with senior leadership to communicate security risks and mitigation strategies, emphasizing their impact on business operations.

Qualifications and Skills:

• 8+ years of experience in information security, with 3+ years in a management or leadership role.
• Strong expertise in:
• Security Incident Management and Response
• Cloud security management (AWS and GCP)
• Access management and policy implementation
• Threat intelligence and vulnerability management
• SIEM tools and advanced log monitoring
• Forensic analysis and incident management (CSIRT)
• In-depth understanding of financial industry security standards (e.g., PCI DSS, ISO 27001) and data protection principles.
• Proven experience managing and developing security teams.
• Excellent communication skills, capable of translating complex security issues into business implications.
• Fluency in English and Portuguese is required.
• High ethical standards and attention to detail.

What We Offer:

• Competitive salary and comprehensive benefits package.
• Opportunity to lead security initiatives within a global, multi-cloud fintech environment.
• Professional development and training opportunities.
• Collaborative and innovative work culture.
• Potential for international travel and cross-office collaboration.
• Inclusive and diverse work environment, open to candidates from all backgrounds, including people with disabilities. ; ;