Information Security Governance Lead

As an Information Security Lead, you will be a key player in the planning, design, implementation, operation and maintenance of the organization's Information Security Governance model, guaranteeing that it complies with the legal and regulatory requirements, as well as implementing and promoting the adoption of high security standards such as ISO27001, PCI, SOC2, etc. The Information Security Lead will also work closely with the Risk, Compliance and Legal teams to continuously monitor any non-conformity with current regulations as well as address any risk that could impact the organization significantly.

**Your impact**:

- Have clear accountability and ownership to drive and maintain our information security governance program around people, processes and technology.
- Develop enterprise security policy, programs, and guidelines for implementation aligned to recognized standards, especially ISO27000 and PCI.
- Review existing and proposed policies with stakeholders.
- Provide policy guidance and awareness to management, staff and users.
- Participate in the information security risk assessments to provide knowledge, guidance and advice to conduct a proper risk analysis and evaluation.
- Serve as an internal consultant and advisor.
- Measure the effectiveness and maturity level of our Security Governance Program.
- Support the delivery of Information Security improvement plans.
- Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.

**Who you are**:

- 5+ years of experience in a security management role
- Strong leadership skills and the ability to work effectively with business managers, IT engineering and IT operations staff
- Good understanding of effective risk management, business impact and continuity strategies.
- Strong knowledge of ISO/IEC 27000-series and PCI/DSS.
- Certifications including but not limited to PMP, CISSP, CISA, CISM, ISO27001
- Knowledge of and experience in developing and documenting enterprise security policy and governance models
- Well organized, able to prioritize workload in line with tight deadlines, be highly numerate, with excellent analytical and problem solving skills and strong attention to detail.
- Excellent written and verbal communication skills.
- English language proficiency.

LI-Remote

LI- JI1

**About Bitso**:
Bitso is Latin America's leading cryptocurrency platform. Our goal is to evolve how we think about and use money. We believe that we should all have the opportunity to use our money whenever we want it, and how we want it, without boundaries or schedules. To achieve this, we provide individuals with fast, cheap, seamless and user-friendly financial services powered by blockchain technology.

Cryptocurrencies do not rely on intermediaries to give them legitimacy or value. Instead, they are valuable because of the peer-to-peer technology that powers them. We firmly believe in crypto and the use cases it has. It's time for the world to upgrade to a fair, open, transparent, and global financial system for all. **#makecryptouseful.**

Bitso promotes an environment where people are treated fairly and with respect, free of discrimination, bullying, harassment, violence or threats.

**Compensation and Benefits**:

- **Purpose**: You'll be part of something bigger, working towards financial disruption and inclusion across Latin America.
- **Culture**: You'll work in a thriving, friendly, and fun environment that promotes open discussions, jokes, learning, video games, and lots of fun.
- **People**: You'll work with some of the most driven and intelligent people in the crypto space, engaging with a network of diverse talent from 25+ nationalities bound by our quest to #makecryptouseful.
- **Salary**: We pay competitively in the countries where we operate.
- **Venue**:Work from wherever you want, work asynchronously; this role is fully remote to give you maximum freedom.
- **Unlimited Paid Time-Off**: You choose your number of days off. Recharge batteries and enjoy who you are outside the office
- **Employee Stock Option Plan**: we want our team members to be owners of the company. Therefore, as we all together crave for the success of our business, you will be eligible to participate in our stock option plan
- This role is expected to work remotely.
- These are the applicable requisites, although equivalent competencies in any of the above will also be considered.