Information Security Specialist

Summary

Join Bitso as an Information Security Compliance Specialist and lead the regional Nvio’s Information Security Strategic Program in Brazil. You will be responsible for implementing and maintaining security controls, ensuring compliance with local regulations, and acting as a regional CISO. This role requires a minimum of 5 years of experience in information security, proficiency in relevant frameworks (e.g., ISO 27001), and knowledge of Brazilian regulations (BCB 85 and CMN No. 4.893). Strong communication, project management, and leadership skills are essential. You will also need a CISM or CISA certification or equivalent. Bitso offers a remote-first work environment, unlimited paid time off, employee stock options, and various other benefits.

Requirements

• You are an information security professional with a minimum of 5 years of experience in Information Technology or Information Security roles
• You have proficiency in information security frameworks and best practices (e.g., ISO 27001)
• You possess professional knowledge of Brazilian regulations , including but not limited to BCB 85 and CMN No. 4.893 , with expertise in the interpretation,  implementation and considerations of information security controls defined in those regulations
• You have hands-on experience with the SISBACEN and other relevant Central Bank platforms
• You possess a competent understanding of Crisis Management, leading and facilitating crisis management exercises and simulations (e.g, tabletop exercises)
• You are a Certified Information Security Manager ( CISM ) or Certified Information Systems Auditor (CISA) or possess an equivalent certification with a focus on information security management
• You possess strong communication skills
• You possess strong Project Management skills
• You possess strong Leadership and Relationship-building skills
• You are agile and avid learners
• Proven English proficiency

Responsibilities

• Responsible and accountable for defining and implementing the NVIO Information Security Strategic Program in Brazil and securing necessary resources
• Responsible and accountable for developing,implementing, and maintaining security policies and procedures in the region
• Responsible and accountable for identifying, managing, and reporting information security risks
• Responsible and accountable for the compliance of the organisation to be aligned with the Information Security local regulatory and legal framework
• Responsible and accountable for identifying, implementing, and maintaining controls for the region's Security Risk Management
• Responsible for supporting audit exercises for the region
• Comply with specific responsibilities based on local regulations
• Supporting activities for the information security governance & compliance team

Preferred Qualifications

Desirable Spanish proficiency

Benefits

• Me Time program, including unlimited paid time off
• Remote-first work environment
• Employee Stock Option program
• Zero trading fees through our Bitso Alpha app
• Extended Family Leave Policy: all birthing parents, non-birthing parents and adopting parents are eligible for a 4-months leave
• Premium health, dental and life insurances in Mexico, Gibraltar, Colombia, USA, Brazil and Argentina
• Monthly stipend for gym memberships, relaxation activities, sports equipment, cooking classes, books, entertainment and more