




Description:

* Bachelor's degree in Computer Science, Engineering, Information Systems, or related fields;
* Postgraduate degree or MBA in Information Security, Cybersecurity, Risk, or Governance;
* Solid experience in cybersecurity leadership roles, preferably in financial or highly regulated industries;
* Strong experience in leadership and people development, as well as in managing security projects;
* Excellent active listening, communication, articulation, relationship-building, and influencing skills with technical and executive stakeholders;
* Proactivity, ownership, and results focus;
* Balance between technical vision and business perspective;
* Strategic decision-making based on risk analysis and facts;
* Frameworks: NIST CSF, ISO 27001, CIS Controls;
* Tools: SIEM, EDR, DLP, WAF, IAM, etc.;
* Cloud Security (AWS, Azure, GCP);
* LGPD, GDPR, PCI-DSS, SOX;
* Vulnerability management, business continuity (BCP/DRP), incident response (SOC), and threat intelligence;
* Software development security (AppSec, DevSecOps);
* Management of departmental indicators and metrics;
* CISSP or CISM certification (mandatory). CRISC, CEH, ISO 27001, and similar are a plus;
* Experience in structuring programs such as PDSI (Information Security Master Plan), digital transformation, and cloud-first initiatives;
* Availability for hybrid work: must attend our office in the Morumbi region, São Paulo, once per month for four consecutive days, usually during the last or first week of the month (Creditas in Person).

* Lead cybersecurity areas including Security Governance, Application Security, Cloud Security, SOC, Access Management, and Strategic Security;
* Lead the Cybersecurity team, promoting crew capability building and development;
* Develop, implement, and manage the company’s information security program;
* Manage GRC (Governance, Risk, and Compliance) initiatives, including policies, procedures, and controls;
* Conduct risk assessments, security assessments, and internal audits;
* Supervise security operations (monitoring, incident response, digital forensics);
* Ensure regulatory compliance with LGPD, GDPR, ISO 27001, SOX, and other applicable standards;
* Support DevSecOps initiatives, cloud security, and strategic corporate projects;
* Act as a liaison with internal and external stakeholders (IT, legal, audit, vendors);
* Foster a security culture across all organizational levels.


