Key Responsibilities:

📍Strategic Leadership: Develop, implement, and maintain a robust global information security strategy aligned with business objectives, regulatory requirements (e.g., GDPR, LGPD, NIST, ISO 27001, local financial regulations), and industry best practices. Lead the evolution of our security roadmap, identifying emerging threats, vulnerabilities, and opportunities for improvement. Provide expert guidance and leadership on all aspects of information security to executive management and key stakeholders. 📍Security Program Management: Oversee the design, implementation, and continuous improvement of security policies, standards, procedures, and guidelines across the organization. Manage and mature our security awareness and training programs for all employees, fostering a security-conscious culture. Develop and manage the information security budget and resource allocation. 📍Risk Management & Compliance: Establish and maintain an enterprise-wide information security risk management framework, conducting regular risk assessments and managing mitigation plans. 📍Ensure compliance with relevant international, regional, and local data privacy and security regulations (e.g., PCI DSS, SOC 2, various financial regulatory requirements in Mexico, Colombia, Brazil, North America, and EMEA). Lead and coordinate external security audits and assessments, facilitating responses to findings and ensuring timely remediation. 📍Security Operations & Incident Response: Oversee security operations, including vulnerability management, penetration testing, security monitoring, and incident detection and response. Develop and regularly test the incident response plan, ensuring effective communication, containment, eradication, recovery, and post-incident analysis. Manage and optimize security tools and technologies (SIEM, EDR, WAF, DLP, etc.). 📍Architecture & Engineering Security: Collaborate closely with engineering and product teams to integrate security by design principles throughout the software development lifecycle (SDLC) and infrastructure provisioning. Provide security architecture guidance for new and existing systems, applications, and cloud environments (AWS, Azure, GCP). 📍Vendor Security Management: Develop and manage the third-party security risk assessment program, ensuring that vendors and partners adhere to our security standards. 📍Team Leadership & Development: Build, mentor, and lead a high-performing team of security professionals (if applicable, or set the foundation for building a team). Foster a culture of continuous learning and professional development within the security function.

Qualifications:

📍Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred. 📍10+years of progressive experience in information security, with at least 5 years in a leadership or management role, preferably within a B2B SaaS or FinTech environment. 📍Proven experience operating in a global organization with a strong understanding of diverse regulatory landscapes across North America, EMEA, and Latin America (Mexico, Colombia, Brazil). 📍Strong understanding of financial industry security regulations and compliance frameworks (e.g., PCI DSS, SOC 2, ISO 27001, NIST Cybersecurity Framework, GDPR, LGPD). 📍Deep technical expertise across a broad range of security domains, including network security, cloud security (AWS, Azure, GCP), application security, data security, identity and access management, and incident response.

If this role isn’t the perfect fit, there are plenty of exciting opportunities in blockchain technology, cryptocurrency startups, and remote crypto jobs to explore. Check them on our Jobs Board.