Information Security Specialist

Working At Bitso

We are a diverse team that takes pride in understanding the perspectives of others. We fully embrace working remotely and we are eager to act, improve and accelerate progress inside and outside of our organization.

To drive revolutionary changes in society and make crypto useful, we delight our customers with world-class products, deep care, and intentional empathy.

Your Purpose
The Information Security Compliance Specialist is the role responsible and accountable for regional Nvio’s Information Security Strategic Program. This role leads to the identification, implementation, and maintenance of controls that ensure the confidentiality, integrity, and availability of all Nvio Brasil information assets while complying with local regulatory and legal frameworks at all times. The role performs as a security specialist and regional CISO. 

Reports To
Information Security Program Manager

Who You Are 

• You are an information security professional with a minimum of 5 years of experience in Information Technology or Information Security roles.
• You have proficiency in information security frameworks and best practices (e.g., ISO 27001).
• You possess professional knowledge of Brazilian regulations, including but not limited to BCB 85 and CMN No. 4.893, with expertise in the interpretation,  implementation and considerations of information security controls defined in those regulations.
• You have hands-on experience with the SISBACEN and other relevant Central Bank platforms.
• You possess a competent understanding of Crisis Management, leading and facilitating crisis management exercises and simulations (e.g, tabletop exercises).
• You are a Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA) or possess an equivalent certification with a focus on information security management.
• You possess strong communication skills. These are crucial as the role involves coordinating with internal teams, external auditors, and various technical and non-technical groups during disaster and IT contingency planning scenarios. Being able to effectively communicate initiatives, key messages, recommendations, and remediation strategies to different levels of stakeholders is key.
• You possess strong Project Management skills. Given the role's responsibilities, you must be able to keep track of essential tasks, contacts, and processes that are in place in light of a business incident or an implementation project. You possess the ability to manage project portfolios.
• You possess strong Leadership and Relationship-building skills. This encompasses the skill to guide other employees in project leadership and oversee a team of specialists. You have the ability to effectively coordinate and collaborate with cross-functional teams and external stakeholders.
• You are agile and avid learners. Information security is a rapidly evolving field, so you have a willingness to continuously learn and stay updated on the latest trends, threats, and best practices in the industry. Keeping up-to-date will help in effectively implementing security measures.
• Proven English proficiency. You are comfortable presenting to English-speaking audiences and creating deliverables in that language. You are able to maintain a fluid conversation in English.
• Desirable Spanish proficiency. You may support better communication with Spanish-speaking stakeholders.
• Finally, you are passionate about information security and you can see beyond the technology and controls. You find confluence points and create synergies. You practice teamwork, visibility, initiative, and you believe that by empowering an organization to protect itself, you are on the side of a noble and much-needed cause.

What You Will Do 

• Responsible and accountable for defining and implementing the NVIO Information Security Strategic Program in Brazil and securing necessary resources.
• Responsible and accountable for developing,implementing, and maintaining security policies and procedures in the region. 
• Responsible and accountable for identifying, managing, and reporting information security risks.
• Responsible and accountable for the compliance of the organisation to be aligned with the Information Security local regulatory and legal framework.
• Responsible and accountable for identifying, implementing, and maintaining controls for the region's Security Risk Management.
• Responsible for supporting audit exercises for the region.
• Comply with specific responsibilities based on local regulations.
• Supporting activities for the information security governance & compliance team.

Research in Diversity, Equity, and Inclusion suggests that individuals may hesitate to apply for jobs if they do not meet all the listed criteria. At Bitso, we value diversity and your unique strengths could be just what we're looking for. If this role excites you but you don't match every point in the description, we still want to hear from you.

#LI-Remote

Who We Are

With over 9 million users, Bitso is the leading cryptocurrency platform in Latin America. We are developing the cryptocurrency ecosystem in the region and enabling financial inclusion. We believe crypto is the future of finance, and we’re committed to making it useful by providing equal access to safe and intuitive financial products.

When we hire people for our team, we specifically test for the following traits in addition to our cultural values:

• Mission-Driven: We seek individuals who are passionate about crypto and Bitso’s mission and resilient in facing industry challenges

• High Sense of Urgency: We prioritize candidates who demonstrate a high sense of urgency and responsibility.

• Exceptional Hard Skills: We seek individuals who possess exceptional skills in their respective fields, with no room for mediocrity.

• Self-Management: We look for individuals who can independently manage their work, career, and professional development.

Compensation & Benefits

At Bitso, you are taking the front seat on the edge of crypto innovation, creating the next generation of crypto-powered products.

So for those willing to commit, adapt and pioneer the most important change of the century we offer:

• Me Time program, including unlimited paid time off.
• Remote-first work environment.
• Employee Stock Option program.
• Zero trading fees through our Bitso Alpha app.
• Extended Family Leave Policy: all birthing parents, non-birthing parents and adopting parents are eligible for a 4-months leave.
• Premium health, dental and life insurances in Mexico, Gibraltar, Colombia, USA, Brazil and Argentina.
• Monthly stipend for gym memberships, relaxation activities, sports equipment, cooking classes, books, entertainment and more.

Want to leave an undoubtedly legacy with us? Fasten your seatbelt and join this spaceship, where you will find exponential growth and the opportunity to thrive!

• These are the applicable requisites, although equivalent competencies in any of the above will also be considered.
• To see our Privacy Policy please click here.