Information Security Specialist with solid experience in financial environments and in-depth knowledge of regulations applicable to the banking sector. This professional will be responsible for ensuring the protection of the company's digital assets, guaranteeing compliance with standards such as LGPD, BCB Resolution No. 4.658 and No. 498, ISO 27001, PCI-DSS, and other requirements of the National Financial System (SFN). **Responsibilities and duties** * Develop, implement, and maintain information security policies, standards, and procedures aligned with financial sector requirements. * Ensure compliance with regulations such as LGPD, BCB Resolution No. 4.658/2018, BCB Resolution No. 498/2025, and other Central Bank regulations. * Manage cyber risks by conducting vulnerability analyses, penetration testing, and security assessments. * Monitor and respond to security incidents, coordinating actions with CSIRT/SOC. * Manage security tools such as SIEM, DLP, IAM, antivirus, firewalls, IDS/IPS, among others. * Support internal and external audits, including the preparation of technical and executive reports. * Participate in the definition and execution of business continuity plans (BCP) and disaster recovery. * Promote training and awareness campaigns on information security. * Assess security risks in digital transformation projects, including cloud environments (AWS, Azure, GCP). * Act as a security focal point in initiatives involving new financial products and partnerships with vendors. **Requirements and qualifications** ### **Mandatory Requirements** * Bachelor's degree in Computer Science, Computer Engineering, Information Systems, or related fields. * Proven experience in information security within financial institutions or companies with banking operations. * Knowledge of financial sector regulations: LGPD, BCB Resolution No. 4.658, BCB Resolution No. 498, SFN Security Manual, PCI-DSS, ISO 27001, NIST, COBIT. * Desired certifications: CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor, CEH. * Experience in risk management, compliance, auditing, and security governance. * Knowledge of cloud environment security (AWS, Azure, GCP). * Technical English for reading documentation and communication with international vendors. ### **Differentiators** * Experience in security within financial retail environments (e.g.: digital banks, fintechs, acquirers). * Experience with Threat Intelligence, SOAR, incident response automation. * Knowledge in application security, DevSecOps, and secure development. **Additional information** **The deadline for internal candidates' applications is until October 16th.** Location: Porto Alegre/RS Model: Hybrid. Real-world challenges applied. Codes that come to life and become experiences. World-class tools. Challenges to learn, grow, and transform. What makes you excited? Here at Lojas Renner SA, we get excited when we delight. Whether by learning something new amidst your daily work routine or launching a new solution that significantly impacts our customers' lives. We are the union and connection of the Data, Digital Channels, and IT areas. **Together, we are the Encantech Community. A diverse community of people passionate about exceeding expectations.** With a data-driven culture and various methodologies and frameworks, we use digital transformation to build the largest Fashion and Lifestyle Ecosystem in the Americas. We are committed to technology, innovation, data, and sustainability. We are committed to the future. Because here, your ideas generate real impact on people's lives and value to the business. **And so, we invite you: Build with us the future of fashion TODAY!** Come transform! Come delight and be delighted together with us. Join the technology, data, and digital areas of Lojas Renner S.A! #WhatExcitesYouExcitesUs #Encantech