Cyber Security Compliance & Risk Analyst providing guidance and compliance support for security policies. Identifying risks, ensuring remediation, and collaborating across departments to enhance security effectiveness.
About the role
- CISO responsible for cybersecurity strategy, operations, and regulatory compliance in leading blockchain ecosystem. Managing risk and fostering security culture within the organization.
Responsibilities
- Develop and implement a comprehensive cybersecurity strategy aligned with business objectives, establish security governance frameworks, policies, and standards, and serve as the accountable authority for all security and IT governance matters to the board and regulators.
- Ensure adherence to LGPD, Brazilian crypto regulations, and relevant international standards; coordinate internal and external audits and regulatory reporting; fulfill all compliance obligations within the three lines of defense model.
- Lead security operations including threat monitoring, incident response, vulnerability management, and penetration testing to ensure the protection of funds, data, and systems.
- Drive organization-wide security risk management in collaboration with all stakeholders, execute risk assessments and mitigation plans, and oversee third-party vendor security and due diligence.
- Foster a security-aware culture across the company, deliver executive-level security briefings, and continuously improve security frameworks and processes.
Requirements
- Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
- 10+ years of experience in cybersecurity and 2+ years in leadership, preferably in financial services, fintech, or crypto.
- Demonstrated experience with cloud security, application security, and cryptography; solid knowledge of relevant security standards.
- Proven track record managing security incidents, risk programs, and compliance frameworks; strong familiarity with Brazilian regulatory requirements (LGPD and crypto asset regulations).
- Strategic thinker with the ability to translate business objectives into security requirements; excellent communication skills with demonstrated ability to influence across the organization and lead through crises.
- Experience interacting with regulators, banks, or institutional partners is a plus.
Benefits
- Competitive salary and company benefits
- Work-from-home arrangement (the arrangement may vary depending on the work nature of the business team)
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Senior Cybersecurity GRC Associate managing information security governance, risk assessments, and compliance at Corient. Join a team dedicated to supporting high - net - worth individuals in wealth preservation.
Cybersecurity Specialist at Telefónica Tech supporting user access within minimal privilege principles. Ensuring compliance and coordination with internal security processes.
Security Engineering Lead at Outset overseeing security policies, compliance, and hands - on security engineering. Collaborating with teams to ensure secure product infrastructure and practices.
Senior Penetration Tester working on TIBER and Red Team assignments in high - security sectors. Collaborate with experts to deliver comprehensive security assessments and enhance organizational security.
Senior Security Delivery Engineer safeguarding digital infrastructure at nbn by embedding security into CI/CD pipelines. Collaborating within DevSecOps teams to ensure resilient platforms.
Senior Cloud Security Engineer at Semperis focusing on preventative security and cloud architecture. Collaborating with teams to enhance security around cloud environments and regulatory requirements.
Product Manager driving secure communications solutions in a highly regulated environment. Collaborating with cross - functional teams to deliver product lifecycle from planning to field adoption.
Cybersecurity Shift Lead at PwC focusing on overseeing cybersecurity operations for clients. Leading teams and ensuring operational excellence during shifts across cybersecurity towers.
Manager overseeing Identity and Access Management services at PwC. Collaborating with stakeholders to drive cyber resilience and compliance in complex environments.