Job Summary: The Cyber and Technological Risk Coordinator will lead and execute the identification, assessment, mitigation, and continuous monitoring of cyber and technological risks. Key Highlights: 1. Lead cyber and technological risk management 2. Focus on threat identification, assessment, and mitigation 3. Ensure regulatory compliance and adherence to internal policies In a business landscape where digital transformation is relentless, integrated management of Cyber Risks, Data Privacy, and Business Continuity emerges as a vital function—transcending mere compliance to become a competitive differentiator and strategic imperative. Although distinct, these three disciplines are intrinsically interconnected and interdependent, forming a protective mesh that safeguards assets, data, and reputation. Cyber Risk Management focuses on identifying, assessing, mitigating, and monitoring threats that could compromise the confidentiality, integrity, and availability of an organization’s information systems and data. It is not solely about technology; it is a discipline encompassing people, processes, and organizational culture. The Cyber and Technological Risk Coordinator will be a key member of the Risk team, responsible for leading and executing the identification, assessment, mitigation, and continuous monitoring of cyber and technological risks. **Responsibilities and Duties** * Risk Identification and Assessment (Cyber and Technological): Conduct comprehensive risk assessments, analyzing cyber threats and emerging technological risks (e.g., system obsolescence, vendor dependency, infrastructure failures, new technologies such as AI/Cloud) across information assets, IT infrastructure, and critical business processes; * Control Management: Test and monitor the effectiveness of cybersecurity and technological infrastructure controls, ensuring alignment with recognized security and IT governance frameworks (e.g., NIST CSF, ISO 27001, COBIT, ITIL); * Regulatory Compliance and Internal Policies: Ensure that security and technological risk policies, procedures, and controls comply with applicable laws and regulations, as well as internal organizational guidelines; * Strategic Reporting and Communication: Prepare periodic and executive reports on the status of cyber and technological risks, security metrics, and performance and risk indicators (KPIs/KRIs) for stakeholders, delivering actionable insights to support decision-making. **Requirements and Qualifications** * Bachelor’s degree in Information Technology, Computer Engineering, Information Security, Computer Science, or related field; * Knowledge of security frameworks and standards (e.g., NIST CSF, ISO 27001/27002) and IT governance (e.g., COBIT, ITIL); * Knowledge of regulatory compliance related to Privacy and Cybersecurity, ensuring adherence to sector-specific regulations (ANPD, BACEN, SUSEP, ANS) and relevant technology legislation; * Relevant certifications (e.g., CRISC, CISM, CISSP, CGEIT, CompTIA Security+) are a plus. **Additional Information** **BENEFITS** **Flexible Meal and Food Allowance;** **Health Insurance Plan;** **Dental Insurance Plan;** **Wellhub and TotalPass;** **Exclusive Bio Ritmo Gym for Employees:** located at the Head Office Complex; **Profit Sharing Program (PLR);** **Stock Ownership Program: Porto em Ação:** complementary to PLR until 2025; **Sand Volleyball and Multipurpose Courts:** located at the Head Office Complex; **Transportation Allowance;** **Van Transportation Services;** available at major access stations to Porto (Luz, Barra Funda, Santa Cecília, and Júlio Prestes); **Extended Parental Leave:** up to 40 days for all family configurations; **Extended Maternity Leave:** 6 months; **Medical Clinic with Specialties:** located at the Head Office Complex and Barra Funda; **Childcare or Babysitting Allowance;** **Life Insurance;** **Private Pension Plan – PortoPrev;** **Discounts on Products and Services;** **Study Grant: Reimbursement for undergraduate, graduate, or MBA programs;** **Monthly Running Events:** subsidy for major street races in São Paulo; **Language Reimbursement (English or Spanish);** **Porto Theater:** exclusive sessions for Employees; **Library;** **Rest Room:** at the Head Office Complex; **Game Room:** at the Head Office Complex; **Massage and Podiatry Services:** at the Head Office Complex; **Work Location:** Campos Elíseos – Downtown São Paulo; **Work Model:** On-site; Porto is much more than an insurance company: it is a vast ecosystem leveraging technology to create solutions across four business verticals: **Porto Bank, Porto Saúde, Porto Seguro, and Porto Serviço**. Its reputation and recognition, built over more than seven decades, underscore Porto’s scale—a business reference, built by and for people. Here, 13,000 employees proudly belong to a solid, ethical organization that transforms dreams into fantastic realities for over 15.8 million customers. Porto operates through more than 101 branches and regional offices across Brazil. Learning is part of our DNA—and here, you’ll have incentives, tools, and supportive colleagues to learn and grow every day, in an inclusive, safe environment where everyone can be themselves and take pride in who they are—promoting respect and living holistically and healthily within a genuinely human company. **DIVERSITY & INCLUSION AT PORTO** At Porto, we value diversity and believe that a plural team is essential to the development of our entire business, society, and each individual—because we understand that every person is unique in building a more innovative and inclusive environment. Together, we work daily to build a safe, free, and welcoming space characterized by greater plurality and respect. Therefore, **we strongly encourage applications from women, Black and Indigenous individuals, persons with disabilities, and LGBTQIA+ individuals** for all our positions.