Description: * Bachelor's degree in technology-related fields * Technical knowledge: Understanding of security technologies, networks, operating systems, and cloud architecture. * Knowledge of industry frameworks and regulations, such as ISO 27001, ISO 27005, NIST, CIS, and PCI. * Familiarity with security risk management, compliance, and audits. * Availability to work in a hybrid model (3 days in the office and 2 days remote). * Maintain and review information security and cybersecurity policies, standards, and procedures. * Controls: Map, document, and test the effectiveness of security controls. * Support the cyber risk governance lifecycle, tracking action plans, remediation treatments, and remediation status. * Support inspections and audits by facilitating evidence collection for controls and following up on recommendations. * Monitor compliance with SUSEP, LGPD, PCI, and JSOX requirements, ensuring traceability and documentary compliance. * Risk management: Contribute to risk identification and assessment, and develop corresponding mitigation plans aligned with the frameworks adopted by the company. 2512160202201868297