Cyber Security Manager

As a Cyber Security Manager, you will lead security operations and strategy, driving initiatives to strengthen the organization’s security posture, manage risk, and ensure compliance. You will apply your advanced expertise in security management, cloud environments (AWS and GCP), and team leadership to support the global expansion and meet regulatory requirements. This hands-on management role involves overseeing security operations, implementing security measures, and guiding a team of security analysts.

Key Responsibilities:

Security Incident Management and Response:

• Oversee and manage the end-to-end process of security incident management, including escalation and response through SIEM tools.
• Lead analysis of mail headers, antivirus/EDR alerts, and IDS/IPS alerts across desktop, network, and cloud environments.
• Develop advanced log monitoring strategies and provide guidance to the team on incident response best practices.
• Collaborate with stakeholders to address employee security concerns and ensure comprehensive reporting on security incidents.

Access Management and Policy Implementation:

• Define and maintain access policies and procedures, including User Access Reviews (UAR).
• Develop and manage Role-Based Access Control (RBAC) and RACI matrix across systems.
• Lead security exceptions review and approval processes, working closely with the Information Security Manager and compliance teams.

Security Operations and Project Leadership:

• Lead internal security awareness programs, including phishing campaigns and the Security Champions initiative.
• Manage security projects using Agile methodologies, ensuring alignment with organizational goals.
• Oversee threat modeling and vulnerability management, including analysis of CVEs and implementation of security controls.
• Define and track OKRs and KPIs for the Security Operations team, driving performance and continuous improvement.

Cloud Security Management:

• Implement, manage, and optimize security measures within AWS and GCP environments.
• Conduct regular security assessments of cloud infrastructure and applications, ensuring consistent protection across both platforms.
• Provide strategic guidance on cloud security best practices and ensure integration of security into new cloud initiatives.

Compliance and Reporting:

• Ensure compliance with relevant industry regulations and standards (e.g., PCI DSS, ISO 27001).
• Develop and present comprehensive security metrics and reports to management and stakeholders.
• Lead security audits and assessments, collaborating with internal and external auditors.

Team Leadership and Development:

• Manage and mentor a team of security professionals, fostering growth and technical development.
• Promote a culture of security awareness, teamwork, and continuous learning within the team.
• Act as a security consultant to cross-functional teams, translating IT security issues into business context for senior management.

Strategic Collaboration:

• Liaise with international teams, IT, and business units to ensure alignment on security strategy and initiatives.
• Engage with senior leadership to communicate security risks and mitigation strategies, emphasizing their impact on business operations.

Qualifications and Skills:

• 8+ years of experience in information security, with 3+ years in a management or leadership role.
• Strong expertise in:
• Security Incident Management and Response
• Cloud security management (AWS and GCP)
• Access management and policy implementation
• Threat intelligence and vulnerability management
• SIEM tools and advanced log monitoring
• Forensic analysis and incident management (CSIRT)
• In-depth understanding of financial industry security standards (e.g., PCI DSS, ISO 27001) and data protection principles.
• Proven experience managing and developing security teams.
• Excellent communication skills, capable of translating complex security issues into business implications.
• Fluency in English and Portuguese is required.
• High ethical standards and attention to detail.

What We Offer:

• Competitive salary and comprehensive benefits package.
• Opportunity to lead security initiatives within a global, multi-cloud fintech environment.
• Professional development and training opportunities.
• Collaborative and innovative work culture.
• Potential for international travel and cross-office collaboration.
• Inclusive and diverse work environment, open to candidates from all backgrounds, including people with disabilities.