**✨** **Your talent drives our future** ----------------------------------------------- **Getnet** is a global technology company specializing in payment solutions for merchants. Founded in Brazil and present across Latin America and the Iberian Peninsula, we support over **1.3 million merchants** with end-to-end services — from point-of-sale terminals to e-commerce. We are part of **PagoNxt**, Santander Group’s global fintech, and operate as an acquiring hub with a strong presence in **Spain, Portugal, Brazil, Mexico, Chile, Argentina, and Uruguay**. Our mission is clear: **simplify payments through innovation, security, and scale**, helping businesses of all sizes grow with agility. We offer a unified platform integrating hardware, software, fraud prevention, acquiring, reconciliation, and financial services — all within a single ecosystem, enabling our clients to focus on growing their business. Joining Getnet means becoming part of a company that combines the innovation of a fintech with the stability of a global bank. **Imagine your future. Care for your career.** **Simplify****your****journey****.** This means you’ll have the opportunity to build impactful solutions, grow through real development opportunities, and evolve within a culture that values well-being, inclusion, and transparency. We combine flexibility, autonomy, and global collaboration — so you can focus on what matters, connect with purpose, and help shape the future. Here, you’ll find room to grow, real opportunities to lead, and a culture where everyone belongs and contributes. ✨ **If you want to be part of the next generation of financial solutions, this is the right place.** **Can you already picture yourself as an Nxter?** **What you’ll do** We’re looking for a **Cybersecurity Manager** to lead the **Cybersecurity Risk Management** function within a **GRC team**, operating cross-functionally across multiple platforms, entities, and geographies. This professional will be responsible for ensuring a **preventive (Shift Left)** security approach, integrating **SSDLC** practices, managing **penetration testing**, continuously assessing risks, and governing security controls across all development and operational pipelines. ### **Cybersecurity Risk Management** * Lead the corporate process for **identification, analysis, evaluation, treatment, and monitoring of cybersecurity risks**. * Maintain and evolve the **cybersecurity risk register** across multiple entities and platforms. * Conduct risk analyses for new products, architectures, integrations, and significant changes (Change Management). * Define and track mitigation, acceptance, transfer, or elimination plans for risks. * Support executive decision-making through clear, business-oriented risk reporting. ### **Penetration Testing Administration** * Plan, coordinate, and administer **penetration tests (internal, external, web/mobile applications, APIs, cloud, and infrastructure)**. * Manage specialized third-party providers and/or internal pentest teams. * Ensure proper prioritization, tracking, and validation of remediation for identified vulnerabilities. * Integrate pentest results into the formal risk management process. ### **Preventive Approach – Shift Left and SSDLC** * Lead implementation and governance of the **Secure Software Development Life Cycle (SSDLC)** across all development pipelines. * Integrate security practices from early stages of: + Requirements and architecture design + Development and code review + CI/CD pipelines * Define and monitor controls such as: + SAST, DAST, SCA, IaC Scanning, and secure Code Review * Act in an advisory capacity with development, architecture, and product teams to promote **security by design**. ### **Governance, Compliance, and GRC Integration** * Ensure alignment with frameworks and standards including **ISO 27001/27005, NIST CSF, NIST RMF, OWASP, CIS Controls**, among others. * Support internal and external audits related to cybersecurity. * Contribute to information security policies, standards, guidelines, and procedures. * Collaborate closely with **Compliance, Privacy, and Business Continuity** functions. ### **Management and Leadership** * Lead and develop the Risk team within GRC. * Work cross-functionally with Technology, Product, Engineering, Cloud, Legal, and Business units. * Promote a security culture and cybersecurity awareness across geographies. * Manage priorities in a complex, multicultural environment. **✅ What we’re looking for in you** * Solid experience in **cybersecurity risk management**. * Practical knowledge of **penetration testing** and vulnerability management. * Proven experience with **SSDLC and Shift Left practices**. * Strong understanding of modern architectures (cloud, microservices, APIs, DevOps). * Experience in **multi-platform, multi-entity, and multi-geography environments**. * Familiarity with application security tools and CI/CD pipelines. * Solid experience in **cybersecurity leadership or management roles**. * Ability to translate technical risks into business impact. * Analytical, structured, and process-oriented profile. * Excellent communication and stakeholder negotiation skills — both technical and executive. * Strategic and operational capability. * Advanced English. **✅ Bonus points** * Certifications such as **CISM, CRISC, CISSP, ISO 27001 Lead Implementer/Auditor, CEH**. * Experience in global organizations or regulated environments. * Exposure to security maturity models and risk-based security approaches. * Spanish is a plus. **What we offer** Health insurance Dental insurance Wellhub Birthday day off Life insurance Annual vaccination campaign Transportation allowance (VT) Meal/voucher allowance (VR/VA) Annual bonus Childcare allowance Christmas allowance Extended maternity and paternity leave periods Specialized Personal Support Program (PAPE) Ástex platform: a free resource for learning a new language (English, Spanish, French, Italian, German, and Portuguese) Access to a learning platform connected to all LinkedIn Learning and O'Reilly content * ️ Option to contract personal loans at interest rates lower than market rates **Next step** Apply now — and if you know someone who might be looking for this opportunity, please share.