We are hiring!Estamos Contratando
Head of Information SecurityFinancial Services
Our customer is a worldwide leader in data aggregation and electronic payment technology that led the use of unique yet compelling data sources to radically change the way small businesses obtain capital. By evaluating the financial health of medium and small businesses and efficiently delivering capital to a market underserved by banks. Our client unique context engine connects to the data sources that small businesses already use every day, such as shipping, accounting, social media, ecommerce, payments and others, and leverages this data to deliver fast, flexible funding to small businesses. Through their platform, millions of small businesses can obtain affordable loans with a fraction of the time and effort that it takes through traditional channels. The company’s proprietary credit models look deeper into the health of businesses, focusing on overall business performance, rather than the owner’s personal credit history.
Descrição do Cargo:
We are seeking a senior senior professional, who has performed Operations activities (such as COO, Director of Operations) with an Engineering, Information Technology and/or Consulting background, who is able to build an overall risk profile of our customer, understand risk tolerance, and create a plan towards reducing risk exposure in an agile, collaborative, and well socialized manner. The ideal candidate will build a Security team that is responsible for encryption policies and implementations; Information Security; Application Security; Policy; Security Operations; Security Risk including Vendor risk, Threat prevention, identification and mitigation. He/she will define best practices and build a team that can work with application developers towards those goals. Define governance and policies to ensure information assets are adequately protected without severely impacting innovation and operation. Ensure vendors are appropriately vetted and comply with relevant security policies, controls and regulations. Establish the risk tolerance for the company with executive management. Lead relevant regulatory compliance and audit initiatives. Leverage vendors and external partners where appropriate to meet the needs of the organization. Work with technology and other stakeholders on threat and incident response, remediation and communication.
Esta posição é baseada na Grande São Paulo.
Desired Skills & Experience:
- Graduated from top Engineering universities and have an MBA degree in top Brazilian schools: FGV (preferable)
- Able to analyze internal and external processes and integration to understand risk.
- Able to evaluate data loss prevention, network security and build secure systems.
- Able to assess and evaluate corporate risk tolerance and translate into goals and policies for the corporation, including software engineering, IT teams, and other relevant stakeholders.
- Able to build a security team focused on Security, Policy management, Application Security, Risk Management.
- Able to get things done in a collaborative and agile work environment.
- Willingness to manage a team of security experts in a diverse set of security topics from security architecture, cyber security, financial controls and regulatory compliance, to identity and access management.
- Interpersonal skills including but not limited to: problem solving, decision making, influencing, change management, written and oral communications along with the ability to work collaboratively with diverse groups
- English mandatory, Spanish a plus