




Job Summary: Hands-on Cybersecurity / Information Security Manager responsible for leading the company's cybersecurity operations and ensuring the sustainability, evolution, and efficiency of processes and tools. Key Highlights: 1. Lead the company's Information Security and Cybersecurity operations. 2. Ensure the evolution of security controls and adherence to best practices. 3. Collaborate with teams to ensure security in technological environments. CNP Seguradora seeks a **Information Security / Cybersecurity Manager** with a strong **hands-on** profile and solid management capabilities to lead the company's cybersecurity operations, aligned with corporate, regulatory, and business guidelines. This role will be responsible for ensuring the sustainability, evolution, and efficiency of cybersecurity processes, tools, and services, working closely with the CISO, infrastructure, architecture, development, risk, audit, compliance teams, and external partners. We seek a professional who combines **practical operational vision**, responsiveness, execution discipline, and maturity to incrementally, consistently, and appropriately structure and evolve security within the regulated insurance environment. **Responsibilities and Duties** * Lead the company's Information Security and Cybersecurity operations. * Manage security services and partners, including SOC, monitoring, incident response, and specialized vendors. * Coordinate detection, response, and remediation processes for security incidents. * Ensure operation and evolution of security controls such as SIEM, EDR/XDR, vulnerability management, IAM, endpoint protection, network security, and related tools. * Monitor and guide action plans related to risks, vulnerabilities, audits, and non-conformities. * Define and implement operational security processes, metrics, SLAs, KPIs, and governance frameworks. * Support the development and execution of the cybersecurity roadmap, balancing risk, technical feasibility, operational impact, and business priorities. * Collaborate with infrastructure, architecture, engineering, and development teams to ensure security implementation across technological environments. * Support architecture assessments, hardening, preventive controls, and continuous improvement initiatives for environments. * Ensure compliance with corporate policies, regulatory requirements, and industry best practices. * Produce executive and operational reports for leadership, clearly communicating risks, incidents, priorities, and environment evolution. * Work closely with business and governance areas, translating operational needs into concrete security actions. **Requirements and Qualifications** * Bachelor's degree in Information Technology, Information Security, Engineering, Computer Science, or related fields. * Proven experience in Information Security/Cybersecurity, particularly in security operations management. * Practical experience operating SOC, incident response, vulnerability management, and monitoring and protection tools. * Knowledge of security controls and technologies such as SIEM, EDR/XDR, IAM, DLP, firewall, antimalware, endpoint protection, and network security. * Experience managing vendors, contracts, SLAs, and security service metrics. * Ability to lead teams and initiatives with strong execution and results orientation. * Operational, pragmatic profile with strong prioritization skills. * Strong communication skills for interacting with technical teams, corporate departments, and senior leadership. * Familiarity with security frameworks and best practices such as ISO 27001, NIST, CIS Controls, and ITIL. * Knowledge of the regulatory and compliance context applicable to regulated market companies is considered highly relevant. ### **Desirable** * Experience in the insurance, financial, or other highly regulated sectors. * Experience with audits, risk management, continuity, resilience, and regulatory requirements. * Security certifications such as CISSP, CISM, ISO 27001, Security+ or equivalents. * Experience in hybrid and cloud environments, and integration with engineering and architecture teams. * Proven track record of structuring or improving cybersecurity operations focused on stability and continuous evolution. ### **Expected Profile** * Leadership closely involved in operations and execution capability. * Hands-on profile with a sense of urgency and operational discipline. * Ability to balance strategic vision with practical day-to-day delivery. * Strong communication skills for engaging with technical and executive areas. * Maturity to drive incremental evolution, avoiding unnecessary disruptions while preserving environmental stability. **Additional Information** **What You’ll Find Here:** Work Model: Hybrid Health Insurance, at no cost to you or your dependents Dental Insurance; Meal Allowance and Food Allowance; Vidalink; Travel Insurance; Life Insurance; Home Office Allowance; Wellhub; Childcare/Babysitter Allowance; Extended Maternity and Paternity Leave; Private Pension Plan; Profit Sharing; And more... **Inspiration yesterday. Transformation today and tomorrow.** Shall we write the next chapter together? Apply now! **We ensure a more open world that embraces diversity in all its forms and pluralities.** **We invite women, LGBTQIAPN+ community members, Black (Black or Brown) individuals, persons with disabilities, and members of other underrepresented groups to be part of this story.**


