Senior Cybersecurity Strategist

As a Senior Security Governance and Risk Consultant, you will lead clients through the intricacies of establishing effective security governance practices and managing enterprise risk. This role involves crafting governance frameworks, performing risk assessments, and ensuring compliance with relevant security regulations.

You will guide organizations in fortifying their security posture while aligning their security strategy with their business objectives. You will also develop and manage Information Security Master Plans (ISMS) in compliance with ISO 27001 or other relevant standards.

The ideal candidate will have extensive experience in the cybersecurity field and a deep understanding of security frameworks, regulations, and cybersecurity compliance requirements. You will also possess strong analytical, organizational, and problem-solving skills.

A Bachelor's or Master's degree in Information Security, Computer Science, or a related field is required, along with 5+ years of experience in security governance, risk management, or compliance consulting.

• Lead the planning, execution, and delivery of security governance and risk management projects for clients across various industries;
• Conduct security maturity assessments based on established frameworks, identify gaps, risks, and areas for improvement;
• Design, implement, and maintain Information Security Management Systems (ISMS) in compliance with ISO 27001 or other relevant standards;
• Develop and manage Information Security Master Plans (PDSI), aligning security strategy with business objectives;
• Execute Third Party Cyber Risk Management (TPCRM) processes, including due diligence assessments, vendor risk scoring, and remediation planning;
• Lead or support cybersecurity audits and regulatory compliance reviews;
• Provide guidance and recommendations to clients on risk mitigation strategies, security policies, procedures, and controls;
• Collaborate with cross-functional teams to embed security governance into broader business processes;
• Deliver executive-level reporting and presentations on risk posture, findings, and strategic recommendations;
• Mentor junior consultants and support internal capability development within the GRC team;
• Stay up-to-date with emerging threats, regulatory changes, and industry trends to continuously enhance client value and service delivery.

• Bachelor's or Master's degree in Information Security, Computer Science, or a related field;
• 5+ years of experience in security governance, risk management, or compliance consulting;
• Deep understanding of security frameworks, regulations, and cybersecurity compliance requirements;
• Proven track record of leading and delivering complex security projects with direct client interaction;
• Experience with risk assessment tools and methodologies is a plus;
• Strong analytical, organizational, and problem-solving skills;
• Excellent interpersonal and communication abilities, with the capability to convey complex topics in a clear and concise manner;
• Certifications such as CISSP, CISM, CRISC, or similar are strongly preferred;
• Comfortable working in remote environments while maintaining high engagement and collaboration with clients and teams;
• Fluency in Portuguese and English

• Opportunity to work with bleeding-edge technologies in a dynamic environment;
• Investment in employee growth and development through on-the-job training and exceptional development tools;
• Attractive compensation package with the opportunity to work from anywhere in the world;
• Chance to participate in scientific publications, conference, and workshop participation, in fields of expertise;
• Collaborative and supportive team environment

• Mid-Senior level position;
• Full-time employment;
• Other job function;
• IT Services and IT Consulting industry