Browse
···
Log in / Register
Job Summary: We are seeking a senior Information Security professional with banking experience to assess regulatory compliance, propose strategic solutions, and operate independently. Key Highlights: 1. Experience in information security within banking environments 2. Analytical mindset, independent execution, and clear communication 3. Focus on BACEN regulations and risk management **What We Are Looking For:** A senior Information Security professional with experience in banking environments, capable of conducting comprehensive assessments, analyzing regulatory compliance, and proposing strategic recommendations. We seek someone with strong analytical vision, independent execution capability, and clear communication skills with both technical and executive audiences. The role involves reviewing processes, writing procedures, establishing scenarios, and proposing security solutions. **Responsibilities:** * Lead comprehensive Information Security assessments in banking environments, covering processes, technology, and governance; * Perform AS\-IS security environment diagnostics, including infrastructure, applications, cloud, identity, data, and operations; * Assess compliance with BACEN regulations, such as Resolution No. 4\.893/2021, Circular 3\.909, and related norms; * Identify regulatory and maturity gaps, classifying risks by financial, operational, regulatory, and reputational impact; * Prepare executive and technical reports containing AS\-IS analysis, gap matrix, risk assessment, and prioritized recommendations; * Propose an Information Security roadmap, including quick wins, structural initiatives, and maturity evolution; * Collaborate in interviews, evidence collection, and documentary analysis to support conclusions and recommendations. **Mandatory Requirements:** * Advanced, fluent, or native Spanish; * Solid experience in Information Security auditing and assessment within financial institutions or regulated environments; * In-depth knowledge of ISO/IEC 27001 (Annex A and SoA), CIS Controls v8, NIST CSF, and risk management (ISO 27005 or equivalent); * Proficiency in the Brazilian Central Bank’s cybersecurity regulatory requirements; * Experience preparing audit reports, maturity assessments, remediation plans, and strategic roadmaps; * Knowledge of security architecture, Cloud Security, IAM/PAM, SOC/SIEM, incident response, and TPRM; * Ability to map technical controls to regulatory requirements and conduct interviews, evidence collection, and documentary analysis; * Strategic vision, strong analytical capability, and governance orientation; * Clear communication with technical and executive audiences (C\-level); * Experience in banking environments and understanding of the three lines of defense model; * Independent, evidence-based, and constructively critical approach. **Behavioral Profile:** **We Are Looking For Someone Who:** * Enjoys working in teams and is collaborative in their responsibilities; * Has the courage to challenge themselves and go beyond, embracing new growth opportunities; * Transforms ideas into creative solutions and pursues quality in all daily activities; * Possesses problem-solving skills; * Is skilled and comfortable working independently and managing their own time; * Is interested in handling adverse and innovative technological situations. **Big enough to deliver – small enough to care.** **\#VempraGFT** **\#VamosVoarJuntos** **\#ProudToBeGFT** With over 35 years in the market and presence in 16 countries, GFT employs more than 12\.000 people worldwide, including 4\.000 in Brazil. Here, diversity, equality, and inclusion are at our core, and ensuring a safe workplace for everyone reflects who we are. We foster a culture of development and growth anchored in our Continuous Scaled Learning pillar because we believe intelligent use of technology is the key to success in this digital world. **What We Offer** -------------------- * Multi\-benefit card – you choose how and where to use it. * Study grants for undergraduate, graduate, MBA, and language courses. * Certification incentive programs. * Flexible working hours. * Competitive salaries. * Annual performance evaluation with a structured career development plan. * International career opportunities. * Wellhub and TotalPass. * Private pension plan. * Childcare allowance. * Medical assistance. * Dental assistance. * Life insurance. \#VemPraGFT
